Test
Through the use of the Cisco Security Wheel, an organization may have developed a strong security policy, secured the network properly, and implemented comprehensive monitoring and response techniques. The next step is to thoroughly and regularly test these constructs to ensure validity, accuracy, and effectiveness.
Testing can take the form of scanning across firewalls, servers, and IDS to ensure correct configuration. Oftentimes, an organization will seek external audits of the infrastructure for objectivity. Testing should also include assessment of administrative responses through mock events and practice drills. Doing so not only helps identify areas of weakness, but provides training and rehearsal time to finely tune the security team's responses.
Testing should be regular and repetitive, and should be clearly defined in the security policy.