The purpose of this control is to ensure IllumiDesk creates, implements, and maintains an effective plan to identify, resolve, and prevent security incidents within its application, systems, and services. By having an organized and continually evolving security incident response plan, IllumiDesk can maintain the availability, reliability, performance, and confidentiality offered to IllumiDesk customers, IllumiDesk team-members, and partners. This control can be tested by first proving that IllumiDesk has sufficient documentation in place for an efficient Incident Response plan. This can include documentation pertaining to the handbook pages, Merge requests, and issues opened in reference to and in adherence to the IR plan. It can then be confirmed that any security incident that was reported (if applicable) followed the IR plan documentation.