Incident Response Plan Testing


Pricing starts at $750 for in-network credit unions, relative to the size and complexity of operations and IT topology. A custom Statement of Work and proposal will be provided based on a (free) initial consultation.


The true measure of any Incident Response Plan is not in the number of pages it contains, but whether or not it will deliver when potential security incidents occur. Are you planning for the right scenarios? Are the procedures within the plan correct and complete? Are staff trained on performing the procedures, or will they learn-as-they-go, delaying the response and recovery effort? The same certified professionals who currently oversee the Business Continuity and Response Program at CU*Answers offer a range of cost-effective solutions to assist your credit union in the development, implementation, and testing of your Incident Response Plan.

Category: Tag:




The Incident Response Plan is a key component of the Information Security Program. When unexpected security incidents and disruptions occur, too many organizations discover that their response plans are incomplete or outdated and that their staff are not adequately trained in the roles they are assigned. This leads to prolonged disruptions and expensive recovery efforts. Testing your plan on a regular basis provides the opportunity to:

  • Verify the completeness and accuracy of the procedures in the plan
  • Identify areas within the plan that should be enhanced or updated to improve effectiveness
  • Determine the external resources required for an incident response
  • Provide training for response teams to improve efficiency
  • Demonstrate the ability to respond and recover from unplanned incidents and disruptions
  • Build confidence in the program and the ability of staff

As a credit union, you are required to perform a test of your Incident Response Plan at least annually, and the results of the test are to be reviewed by Senior Management and the Board of Directors (or applicable committee). Performing the same test each year can lead to a false sense of security. Response and recovery tests and exercises should be designed with an increasing scope for continuous program improvement.

The certified Business Continuity and Response professionals at CU*Answers have the knowledge and experience necessary and will work with your team to develop and coordinate a testing schedule that accomplishes the goals listed above.

The Process

A certified CU*Answers Business Continuity professional will work with you and your team from start to finish to:

  1. Assess the current testing program and develop one that addresses the key areas of the plan
  2. Develop the testing program playbook that identifies the process and steps for each test or exercise
  3. Coordinate the necessary support teams throughout the duration of the test to ensure that the desired tasks are performed
  4. Recommend areas for improvement, both in procedures and continuity and recovery strategies
  5. Document the results of the test in a final report that can be presented to your Board of Directors and to auditors and examiners

Next Steps

Engagements start at $750.00 and are based on the size and complexity of operations and IT topology.

An initial (free) consultation is offered to assess the needs of your existing Incident Response Testing program and identify an action plan to get to the target state. A custom Statement of Work and proposal will be provided for each project.


There are no reviews yet.

Only logged in customers who have purchased this product may leave a review.