Recovery controls, measures, processes and procedures should be continuously tested. The threat and cyber picture does not remain static, and neither should our recovery controls and processes. Continuous testing ensures that our processes are current and that ‘ways of working’ have not changed; where they have changed, new processes are created or existing processes are updated to reflect reality. It also helps weaknesses in controls and ‘ways of working’ to be identified and remediated.
Further, conduct continuous assurance testing of your organisation's detection, monitoring, response and recovery controls. Ensure that these controls are functional. Without detection controls it may be challenging to know when the organisation has been breached or compromised, and responding to and recovering from cyber-attacks on time depends very much on how quickly these events are detected. It is important to reduce or minimise mean time to detect, respond and recover. By conducting continuous assurance testing the organisation will become proactive and able to uncover vulnerable assets even before an exploit. Similarly, knowing about the vulnerabilities means that the assets are patched on time, and where defences are weak, compensating controls can be used as a workaround. There are open source tools to use to formulate your continuous assurance testing regime such as Nmap, OpenVAS, OWASP ZAP, Nessus, Burp Suite, etc.
© 2017 – 2020, C-MRIC.ORG, C-MRIC.COM and Cyber Recovery Operational Framework are registered trademarks of the C-MRIC organisation.