Mechanisms exist to regularly review and modify incident response practices to incorporate lessons learned, business process changes and industry developments, as necessary.

Does the organization regularly review and modify incident response practices to incorporate lessons learned, business process changes and industry developments, as necessary?