Incident Response
Incident Response is your plan for when something does go wrong: detecting it, containing it, and reporting it. Assessors want to see a real, tested capability, not a document nobody has ever used.
The 3 Incident Response requirements
14 assessment objectives across this family.
- 3.6.1Incident HandlingEstablish an operational incident-handling capability for organizational systems that includes preparation, detection, analysis, containment, recovery, and user response activities.5 pt✕ POA&M
- 3.6.2Incident ReportingTrack, document, and report incidents to designated officials and/or authorities both internal and external to the organization.5 pt✕ POA&M
- 3.6.3Incident Response TestingTest the organizational incident response capability.1 pt
Build Incident Response, and all 14 families, with an officer
The Level 2 Accelerator walks all 110 requirements with you, generates your SSP, POA&M, and Audit Room from real evidence, includes the full Level 1 platform, and puts a credentialed officer alongside you for 180 days. Filed in 180 days, or we work free until you are.
No credit card. Phase 2 begins Nov 10, 2026, when applicable DoD solicitations start requiring a current Level 2 status to win the award.
Questions, answered
How many CMMC Level 2 requirements are in Incident Response?+
The Incident Response family (IR) has 3 of the 110 CMMC Level 2 requirements, assessed against 14 objectives from NIST SP 800-171A.
What is the Incident Response family about?+
Incident Response is your plan for when something does go wrong: detecting it, containing it, and reporting it. Assessors want to see a real, tested capability, not a document nobody has ever used.