What must be verified about personnel designated for incident response?

Ensuring incident response personnel are available around the clock and that this availability is real, not just on paper. Security incidents can happen at any hour, so designated responders must be reachable and able to act at any time. Verification should gather evidence from multiple sources: observe the on-call schedule and how it operates, review policies that require 24/7 coverage, and interview the designated responders to confirm they are indeed available, reachable, and prepared to respond promptly at any time. This approach shows the plan can mobilize immediately when an incident occurs. Options that limit availability to business hours, rely only on an on-call roster without 24/7 coverage, or claim no verification is needed would not ensure timely, effective response.