NIST 800-53 REV 5 • CONTINGENCY PLANNING

CP-3(1) Simulated Events

Incorporate simulated events into contingency training to facilitate effective response by personnel in crisis situations.

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

No related controls listed

Supplemental Guidance

The use of simulated events creates an environment for personnel to experience actual threat events, including cyber-attacks that disable websites, ransomware attacks that encrypt organizational data on servers, hurricanes that damage or destroy organizational facilities, or hardware or software failures.

Practitioner Notes

This enhancement requires training to include simulated events — not just reading the plan, but practicing the response in realistic scenarios.

Example 1: Run a simulated ransomware scenario where IT staff practice isolating infected systems, restoring from backups, and communicating with leadership under time pressure.

Example 2: Conduct a simulated data center failure exercise where staff practice failing over to the backup site using your documented contingency procedures.