Which document is NOT typically used to guide response actions after a cyber incident?

The Marine Cybersecurity Assessment Guidance (MCAAG) is primarily used as a framework to assess cybersecurity risks and vulnerabilities within maritime operations, rather than providing direct guidance for response actions after a cyber incident. Its focus is on evaluation and preparedness, which ensures that organizations understand their cyber posture and can take preventative measures.

On the other hand, the Incident Response Plan outlines the specific actions and procedures to be followed in the event of a cyber incident, ensuring a structured and efficient response to minimize damage. The System Recovery Procedure details the steps necessary to restore systems to operational status after a breach, and the Business Continuity Plan addresses how an organization will continue to operate during and after a cyber incident, detailing recovery strategies for critical functions. Each of these documents plays a crucial role in managing and mitigating the impact of cybersecurity incidents, distinctly highlighting the MCAAG's role as more of an assessment tool rather than a response guide.