Back

Disseminate and communicate the incident response procedures to all interested personnel and affected parties.


CONTROL ID
01215
CONTROL TYPE
Establish/Maintain Documentation
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Establish, implement, and maintain an Incident Response program., CC ID: 00579

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • Copies of the BCP document should be stored at locations separate from the primary sites. A summary of key steps to take in an emergency should be made available to senior management and other key personnel and kept by them in multiple locations (e.g. office, home, briefcase or AI’s website). (6.2.5, Hong Kong Monetary Authority Supervisory Policy Manual TM-G-2 Business Continuity Planning, V.1 - 02.12.02)
  • The CISO is fully aware of all cyber security incidents within their organisation. (Security Control: 0733; Revision: 2, Australian Government Information Security Manual, March 2021)
  • The Incident Response Plan should be distributed to all personnel in the organization. (§ 2.8.22, Australian Government ICT Security Manual (ACSI 33))
  • competent authorities, on the criteria on how to assess the relevance of the incident and the details of the incident reports to be shared with other domestic authorities. (Art 96(3)(b), DIRECTIVE (EU) 2015/2366 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 25 November 2015 on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No 1093/2010, and repealing Directive 2007/64/EC)
  • Within three months of the designation or establishment of the cyber crisis management authority referred to in paragraph 1, each Member State shall notify the Commission of the identity of its authority and of any subsequent changes thereto. Member States shall submit to the Commission and to the E… (Article 9 5., DIRECTIVE (EU) 2022/2555 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 14 December 2022 on measures for a high common level of cybersecurity across the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (NIS 2 Directive))
  • Each Member State shall notify the Commission without undue delay of the identity of the CSIRT referred to in paragraph 1 of this Article and the CSIRT designated as coordinator pursuant to Article 12(1), of their respective tasks in relation to essential and important entities, and of any subsequen… (Article 10 9., DIRECTIVE (EU) 2022/2555 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 14 December 2022 on measures for a high common level of cybersecurity across the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (NIS 2 Directive))
  • Policies and instructions with technical and organisational safeguards are documented, communicated and provided according to SA-01 in order to ensure a fast, effective and proper response to all known security incidents. On the part of the cloud provider, at least the roles listed in OIS-03 must be… (Section 5.13 SIM-01 Basic requirement ¶ 1, Cloud Computing Compliance Controls Catalogue (C5))
  • The entity has a comprehensive privacy incident and breach management plan which provides examples of unauthorized uses and disclosures, as well as guidelines to determine whether an incident constitutes a breach. The plan is communicated to personnel who handle PI. (M1.3 Privacy incident response plan, Privacy Management Framework, Updated March 1, 2020)
  • Do the Incident Response policies and procedures address documentation and preservation processes? (Table Row XII.8.b, OECD / World Bank Technology Risk Checklist, Version 7.3)
  • Establishing, documenting, and distributing security incident response and escalation procedures to ensure timely and effective handling of all situations? (12.5.3, Payment Card Industry (PCI) Data Security Standard, Self-Assessment Questionnaire A-EP and Attestation of Compliance, Version 3.1)
  • Establishing, documenting, and distributing security incident response and escalation procedures to ensure timely and effective handling of all situations? (12.5.3, Payment Card Industry (PCI) Data Security Standard, Self-Assessment Questionnaire B and Attestation of Compliance, Revision 1.1)
  • Establishing, documenting, and distributing security incident response and escalation procedures to ensure timely and effective handling of all situations? (12.5.3, Payment Card Industry (PCI) Data Security Standard, Self-Assessment Questionnaire B-IP and Attestation of Compliance, Version 3.1)
  • Establishing, documenting, and distributing security incident response and escalation procedures to ensure timely and effective handling of all situations? (12.5.3, Payment Card Industry (PCI) Data Security Standard, Self-Assessment Questionnaire C and Attestation of Compliance, Version 3.1)
  • Establishing, documenting, and distributing security incident response and escalation procedures to ensure timely and effective handling of all situations? (12.5.3, Payment Card Industry (PCI) Data Security Standard, Self-Assessment Questionnaire C-VT and Attestation of Compliance, Version 3.1)
  • Establishing, documenting, and distributing security incident response and escalation procedures to ensure timely and effective handling of all situations? (12.5.3, Payment Card Industry (PCI) Data Security Standard, Self-Assessment Questionnaire D and Attestation of Compliance for Merchants, Version 3.1)
  • Establishing, documenting, and distributing security incident response and escalation procedures to ensure timely and effective handling of all situations? (12.5.3, Payment Card Industry (PCI) Data Security Standard, Self-Assessment Questionnaire D and Attestation of Compliance for Service Providers, Version 3.1)
  • Establishing, documenting, and distributing security incident response and escalation procedures to ensure timely and effective handling of all situations? (12.5.3, Payment Card Industry (PCI) Data Security Standard, Self-Assessment Questionnaire P2PE and Attestation of Compliance, Version 3.1)
  • Incident management plans should be accessible to anyone who has been designated with responsibilities. The plans should be concise and contain all the elements stated in sections 8.3.2 to 8.3.6. The incident management plan should define the scope, be agreed upon by top management, and be understoo… (§ 8.3.1, § 8.3.2, § 8.5.8 ¶ 3, BS 25999-1, Business continuity management. Code of practice, 2006)
  • The business continuity and incident management plans must collectively contain the following information: existing lines of communication; key tasks; the roles and responsibilities defined for people and teams that have authority during and after an incident; criteria and guidelines stating which i… (§ 4.3.3.3, BS 25999-2, Business continuity management. Specification, 2007)
  • Procedure documentation should be readily available to all points of the organization. Incident management team members should have a copy located where they will always have access to it. This documentation will likely contain confidential and/or sensitive information, so it must be held securely. … (§ 8.4.6 ¶ 2, PAS 77 IT Service Continuity Management. Code of Practice, 2006)
  • The organization must implement an effective privacy program that includes incident response plans. (§ 2.2 (Privacy Controls) ¶ 2, IIA Global Technology Audit Guide (GTAG) 5: Managing and Auditing Privacy Risks)
  • The organization must ensure procedures are established, implemented, and maintained, with regard to the hazards, threats, risks, and organizational resilience management system, to document, record, and communicate any changes in plans, documentation, procedures, the management system and results o… (§ 4.4.3 ¶ 1(a), Organizational Resilience: Security, Preparedness, and Continuity Management Systems -- Requirements with Guidance for Use, ASIS SPC.1-2009)
  • The following departments should receive a copy of the incident report: the security department (all reports); the legal department (reports involving legal issues, such as falls); the insurance department (reports that involve losses that are insured); the auditing department (all reports); the pro… (Revised Volume 1 Pg 2-II-18, Revised Volume 4 Pg 1-I-12, Protection of Assets Manual, ASIS International)
  • (§ 3.3.2, Further Issues 3 3.3, ISF Security Audit of Networks)
  • The organization should have written incident response procedures, that includes the personnel roles for handling incidents. (Critical Control 18.1, Twenty Critical Security Controls for Effective Cyber Defense: Consensus Audit Guidelines, Version 4.0)
  • Establish and maintain an enterprise process for the workforce to report security incidents. The process includes reporting timeframe, personnel to report to, mechanism for reporting, and the minimum information to be reported. Ensure the process is publicly available to all of the workforce. Review… (CIS Control 17: Safeguard 17.3 Establish and Maintain an Enterprise Process for Reporting Incidents, CIS Controls, V8)
  • have processes, and procedures for the activation, operation, coordination, and communication of the response, (§ 8.4.2 ¶ 2 d), ISO 22301: Societal Security - Business Continuity Management Systems - Requirements, Corrected Version)
  • The organization should plan and prepare for managing information security incidents by defining, establishing and communicating information security incident management processes, roles and responsibilities. (§ 5.24 Control, ISO/IEC 27002:2022, Information security, cybersecurity and privacy protection — Information security controls, Third Edition)
  • As a part of the service specifications, the cloud service provider should define the allocation of information security incident management responsibilities and procedures between the cloud service customer and the cloud service provider. The cloud service provider should provide the cloud service … (§ 16.1.1 Table: Cloud service provider, ISO/IEC 27017:2015, Information technology — Security techniques — Code of practice for information security controls based on ISO/IEC 27002 for cloud services, First edition 2015-12-15)
  • Procedures to facilitate the implementation of the incident response policy and associated incident response controls; and (IR-1a.2., StateRAMP Security Controls Baseline Summary Category 1, Version 1.1)
  • Distributes copies of the incident response plan to [Assignment: organization-defined incident response personnel (identified by name and/or by role) and organizational elements]; (IR-8b., StateRAMP Security Controls Baseline Summary Category 1, Version 1.1)
  • Distributes copies of the incident response plan to [Assignment: organization-defined incident response personnel (identified by name and/or by role) and organizational elements]; (IR-8b., StateRAMP Security Controls Baseline Summary Category 2, Version 1.1)
  • Procedures to facilitate the implementation of the incident response policy and associated incident response controls; and (IR-1a.2., StateRAMP Security Controls Baseline Summary Category 2, Version 1.1)
  • Distributes copies of the incident response plan to [Assignment: organization-defined incident response personnel (identified by name and/or by role) and organizational elements]; (IR-8b., StateRAMP Security Controls Baseline Summary Category 3, Version 1.1)
  • Procedures to facilitate the implementation of the incident response policy and associated incident response controls; and (IR-1a.2., StateRAMP Security Controls Baseline Summary Category 3, Version 1.1)
  • Procedures to facilitate the implementation of the incident response policy and associated incident response controls; and (IR-1a.2., StateRAMP Security Controls Baseline Summary High Sensitivity Level, Version 1.1)
  • Distributes copies of the incident response plan to [Assignment: organization-defined incident response personnel (identified by name and/or by role) and organizational elements]; (IR-8b., StateRAMP Security Controls Baseline Summary High Sensitivity Level, Version 1.1)
  • An incident action plan or management by objectives must guide the emergency operations/response of the organization. (§ 5.9.5, Disaster / Emergency Management and Business Continuity, NFPA 1600, 2007 Edition)
  • Is there a documented response program with policies and procedures to address privacy incidents and unauthorized disclosure, access, or breach of client confidential information? (§ P.3.10, Shared Assessments Standardized Information Gathering Questionnaire - P. Privacy, 7.0)
  • Develop, implement, and maintain internal incident response procedures and coordinate those procedures with other organizations that may or may not be affected. (§ 5.3.1.1.2 ¶ 1(4), Criminal Justice Information Services (CJIS) Security Policy, CJISD-ITS-DOC-08140-5.8, Version 5.8)
  • The Incident Action Plan (IAP) will contain at least the following information: objectives; organizational charts; personnel assignments; plans for communications, logistics, medical responders, and safety. Each of these sections will be developed by the appropriate personnel and then be combined in… (Chap II.A.3.c(2), Tab 8.A, National Incident Management System (NIMS), Department of Homeland Security, December 2008)
  • Informing the help desk of the event, incident, or problem and how to respond. (App A Objective 16:4b Bullet 7, FFIEC Information Technology Examination Handbook - Architecture, Infrastructure, and Operations, June 2021)
  • Communication of processes to manage events, incidents, and problems to appropriate personnel. (App A Objective 16:4e, FFIEC Information Technology Examination Handbook - Architecture, Infrastructure, and Operations, June 2021)
  • Financial institutions or creditors that maintain or offer covered accounts must develop and implement a written Identity Theft Prevention Program. The Identity Theft Prevention Program must detect, prevent, and mitigate identity theft in association with a covered account and must be appropriate to… (§ 41.90(d)(1), § 222.90(d)(1), § 334.90(d)(1), § 571.90(d)(1), § 681.2(d)(1), § 717.90(d)(1), Identity Theft Red Flags and Address Discrepancies Under the Fair and Accurate Credit Transactions Act of 2003, Final Rule, November 9, 2007)
  • Distributes copies of the incident response plan to [FedRAMP Assignment: The service provider defines a list of incident response personnel (identified by name and/or by role) and organizational elements. The incident response list includes designated FedRAMP personnel.]; (IR-8b. High Baseline Controls, FedRAMP Baseline Security Controls, 8/28/2018)
  • Procedures to facilitate the implementation of the incident response policy and associated incident response controls; and (IR-1a.2. High Baseline Controls, FedRAMP Baseline Security Controls, 8/28/2018)
  • Procedures to facilitate the implementation of the incident response policy and associated incident response controls; and (IR-1a.2. Low Baseline Controls, FedRAMP Baseline Security Controls, 8/28/2018)
  • Distributes copies of the incident response plan to [FedRAMP Assignment: The service provider defines a list of incident response personnel (identified by name and/or by role) and organizational elements. The incident response list includes designated FedRAMP personnel.]; (IR-8b. Low Baseline Controls, FedRAMP Baseline Security Controls, 8/28/2018)
  • Distributes copies of the incident response plan to [FedRAMP Assignment: The service provider defines a list of incident response personnel (identified by name and/or by role) and organizational elements. The incident response list includes designated FedRAMP personnel.]; (IR-8b. Moderate Baseline Controls, FedRAMP Baseline Security Controls, 8/28/2018)
  • Procedures to facilitate the implementation of the incident response policy and associated incident response controls; and (IR-1a.2. Moderate Baseline Controls, FedRAMP Baseline Security Controls, 8/28/2018)
  • Procedures to facilitate the implementation of the incident response policy and the associated incident response controls; (IR-1a.2., FedRAMP Security Controls High Baseline, Version 5)
  • Distribute copies of the incident response plan to [FedRAMP Assignment: see additional FedRAMP Requirements and Guidance]; (IR-8b., FedRAMP Security Controls High Baseline, Version 5)
  • Procedures to facilitate the implementation of the incident response policy and the associated incident response controls; (IR-1a.2., FedRAMP Security Controls Low Baseline, Version 5)
  • Distribute copies of the incident response plan to [FedRAMP Assignment: see additional FedRAMP Requirements and Guidance]; (IR-8b., FedRAMP Security Controls Low Baseline, Version 5)
  • Procedures to facilitate the implementation of the incident response policy and the associated incident response controls; (IR-1a.2., FedRAMP Security Controls Moderate Baseline, Version 5)
  • Distribute copies of the incident response plan to [FedRAMP Assignment: see additional FedRAMP Requirements and Guidance]; (IR-8b., FedRAMP Security Controls Moderate Baseline, Version 5)
  • Does the Credit Union Security Incident Response policy include the definition of a security incident? (IT - Policy Checklist Q 33, Automated Integrated Regulatory Examination System (AIRES) IT Exam Questionnaires, version 073106A)
  • Document the organization's security incident response plan. (§ 4.6.1 Bullet 2, An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule, NIST SP 800-66, Revision 1)
  • The organization should have an incident response plan that provides a roadmap to implement the incident response capability. The plan should provide a high-level approach for how the response capability fits into the organization. The plan should relate to the size, mission, functions, and structur… (§ 2.3.2, Computer Security Incident Handling Guide, NIST SP 800-61, Revision 1)
  • Procedures to facilitate the implementation of the incident response policy and the associated incident response controls; (IR-1a.2., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, High Impact Baseline, October 2020)
  • Distribute copies of the incident response plan to [Assignment: organization-defined incident response personnel (identified by name and/or by role) and organizational elements]; (IR-8b., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, High Impact Baseline, October 2020)
  • Distribute copies of the incident response plan to [Assignment: organization-defined incident response personnel (identified by name and/or by role) and organizational elements]; (IR-8b., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, Low Impact Baseline, October 2020)
  • Procedures to facilitate the implementation of the incident response policy and the associated incident response controls; (IR-1a.2., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, Low Impact Baseline, October 2020)
  • Procedures to facilitate the implementation of the incident response policy and the associated incident response controls; (IR-1a.2., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, Moderate Impact Baseline, October 2020)
  • Distribute copies of the incident response plan to [Assignment: organization-defined incident response personnel (identified by name and/or by role) and organizational elements]; (IR-8b., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, Moderate Impact Baseline, October 2020)
  • Procedures to facilitate the implementation of the incident response policy and the associated incident response controls; (IR-1a.2., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, Privacy Control Baseline, October 2020)
  • Distribute copies of the incident response plan to [Assignment: organization-defined incident response personnel (identified by name and/or by role) and organizational elements]; (IR-8b., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, Privacy Control Baseline, October 2020)
  • Procedures to facilitate the implementation of the incident response policy and the associated incident response controls; (IR-1a.2., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Baseline Controls)
  • Distribute copies of the incident response plan to [Assignment: organization-defined incident response personnel (identified by name and/or by role) and organizational elements]; (IR-8b., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Baseline Controls)
  • Procedures to facilitate the implementation of the incident response policy and the associated incident response controls; (IR-1a.2., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Flow Down Controls)
  • Distribute copies of the incident response plan to [Assignment: organization-defined incident response personnel (identified by name and/or by role) and organizational elements]; (IR-8b., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Flow Down Controls)
  • Procedures to facilitate the implementation of the incident response policy and the associated incident response controls; (IR-1a.2., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 1 Controls)
  • Procedures to facilitate the implementation of the incident response policy and the associated incident response controls; (IR-1a.2., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 2 Controls)
  • Distribute copies of the incident response plan to [Assignment: organization-defined incident response personnel (identified by name and/or by role) and organizational elements]; (IR-8b., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 2 Controls)
  • Procedures to facilitate the implementation of the incident response policy and the associated incident response controls; (IR-1a.2., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 3 Controls)
  • Distribute copies of the incident response plan to [Assignment: organization-defined incident response personnel (identified by name and/or by role) and organizational elements]; (IR-8b., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 3 Controls)
  • Organizational records and documents should be examined to ensure the incident response policy and procedures are documented, disseminated, reviewed, and updated and specific responsibilities and actions are defined for the implementation of the incident response policy and procedures control. Any p… (IR-1, Guide for Assessing the Security Controls in Federal Information Systems, NIST SP 800-53A)
  • Procedures to facilitate the implementation of the incident response policy and associated incident response controls; and (IR-1a.2. Low Baseline Controls, Guide to Industrial Control Systems (ICS) Security, Revision 2)
  • Procedures to facilitate the implementation of the incident response policy and associated incident response controls; and (IR-1a.2. Moderate Baseline Controls, Guide to Industrial Control Systems (ICS) Security, Revision 2)
  • Procedures to facilitate the implementation of the incident response policy and associated incident response controls; and (IR-1a.2. High Baseline Controls, Guide to Industrial Control Systems (ICS) Security, Revision 2)
  • Distributes copies of the incident response plan to [Assignment: organization-defined incident response personnel (identified by name and/or by role) and organizational elements]; (IR-8b. Low Baseline Controls, Guide to Industrial Control Systems (ICS) Security, Revision 2)
  • Distributes copies of the incident response plan to [Assignment: organization-defined incident response personnel (identified by name and/or by role) and organizational elements]; (IR-8b. Moderate Baseline Controls, Guide to Industrial Control Systems (ICS) Security, Revision 2)
  • Distributes copies of the incident response plan to [Assignment: organization-defined incident response personnel (identified by name and/or by role) and organizational elements]; (IR-8b. High Baseline Controls, Guide to Industrial Control Systems (ICS) Security, Revision 2)
  • The organization must distribute copies of the incident response plan to incident response personnel, identified by name and/or role, and to organizational elements. (App F § IR-8.b, Recommended Security Controls for Federal Information Systems, NIST SP 800-53)
  • The organization develops an incident response plan that is reviewed and approved by {organizationally documented personnel}. (IR-8a.8., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Deprecated, Revision 4, Deprecated)
  • The organization develops an incident response plan that is reviewed and approved by {organizationally documented roles}. (IR-8a.8., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Deprecated, Revision 4, Deprecated)
  • The organization distributes copies of the incident response plan to {organizationally documented organizational response personnel}. (IR-8b., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Deprecated, Revision 4, Deprecated)
  • The organization distributes copies of the incident response plan to {organizationally documented organizational response roles}. (IR-8b., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Deprecated, Revision 4, Deprecated)
  • The organization distributes copies of the incident response plan to {organizationally documented organizational response elements}. (IR-8b., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Deprecated, Revision 4, Deprecated)
  • The organization develops an incident response plan that is reviewed and approved by {organizationally documented personnel}. (IR-8a.8., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, High Impact Baseline, Deprecated, Revision 4, Deprecated)
  • The organization develops an incident response plan that is reviewed and approved by {organizationally documented roles}. (IR-8a.8., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, High Impact Baseline, Deprecated, Revision 4, Deprecated)
  • The organization distributes copies of the incident response plan to {organizationally documented organizational response personnel}. (IR-8b., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, High Impact Baseline, Deprecated, Revision 4, Deprecated)
  • The organization distributes copies of the incident response plan to {organizationally documented organizational response roles}. (IR-8b., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, High Impact Baseline, Deprecated, Revision 4, Deprecated)
  • The organization distributes copies of the incident response plan to {organizationally documented organizational response elements}. (IR-8b., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, High Impact Baseline, Deprecated, Revision 4, Deprecated)
  • The organization develops an incident response plan that is reviewed and approved by {organizationally documented personnel}. (IR-8a.8., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Low Impact Baseline, Deprecated, Revision 4, Deprecated)
  • The organization develops an incident response plan that is reviewed and approved by {organizationally documented roles}. (IR-8a.8., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Low Impact Baseline, Deprecated, Revision 4, Deprecated)
  • The organization distributes copies of the incident response plan to {organizationally documented organizational response personnel}. (IR-8b., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Low Impact Baseline, Deprecated, Revision 4, Deprecated)
  • The organization distributes copies of the incident response plan to {organizationally documented organizational response roles}. (IR-8b., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Low Impact Baseline, Deprecated, Revision 4, Deprecated)
  • The organization distributes copies of the incident response plan to {organizationally documented organizational response elements}. (IR-8b., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Low Impact Baseline, Deprecated, Revision 4, Deprecated)
  • The organization develops an incident response plan that is reviewed and approved by {organizationally documented personnel}. (IR-8a.8., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Moderate Impact Baseline, Deprecated, Revision 4, Deprecated)
  • The organization develops an incident response plan that is reviewed and approved by {organizationally documented roles}. (IR-8a.8., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Moderate Impact Baseline, Deprecated, Revision 4, Deprecated)
  • The organization distributes copies of the incident response plan to {organizationally documented organizational response personnel}. (IR-8b., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Moderate Impact Baseline, Deprecated, Revision 4, Deprecated)
  • The organization distributes copies of the incident response plan to {organizationally documented organizational response roles}. (IR-8b., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Moderate Impact Baseline, Deprecated, Revision 4, Deprecated)
  • The organization distributes copies of the incident response plan to {organizationally documented organizational response elements}. (IR-8b., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Moderate Impact Baseline, Deprecated, Revision 4, Deprecated)
  • Procedures to facilitate the implementation of the incident response policy and associated incident response controls; and (IR-1a.2., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, High Impact Baseline, Revision 4)
  • Distributes copies of the incident response plan to [Assignment: organization-defined incident response personnel (identified by name and/or by role) and organizational elements]; (IR-8b., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, High Impact Baseline, Revision 4)
  • Procedures to facilitate the implementation of the incident response policy and associated incident response controls; and (IR-1a.2., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Low Impact Baseline, Revision 4)
  • Distributes copies of the incident response plan to [Assignment: organization-defined incident response personnel (identified by name and/or by role) and organizational elements]; (IR-8b., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Low Impact Baseline, Revision 4)
  • Distributes copies of the incident response plan to [Assignment: organization-defined incident response personnel (identified by name and/or by role) and organizational elements]; (IR-8b., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Moderate Impact Baseline, Revision 4)
  • Procedures to facilitate the implementation of the incident response policy and associated incident response controls; and (IR-1a.2., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Moderate Impact Baseline, Revision 4)
  • Procedures to facilitate the implementation of the incident response policy and associated incident response controls; and (IR-1a.2., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Revision 4)
  • Distributes copies of the incident response plan to [Assignment: organization-defined incident response personnel (identified by name and/or by role) and organizational elements]; (IR-8b., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Revision 4)
  • Procedures to facilitate the implementation of the incident response policy and the associated incident response controls; (IR-1a.2., Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5)
  • Distribute copies of the incident response plan to [Assignment: organization-defined incident response personnel (identified by name and/or by role) and organizational elements]; (IR-8b., Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5)
  • Procedures to facilitate the implementation of the incident response policy and the associated incident response controls; (IR-1a.2., Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5.1.1)
  • Distribute copies of the incident response plan to [Assignment: organization-defined incident response personnel (identified by name and/or by role) and organizational elements]; (IR-8b., Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5.1.1)
  • Procedures to facilitate the implementation of the incident response policy and associated incident response controls; and (IR-1a.2., Supply Chain Risk Management Practices for Federal Information Systems and Organizations, NIST Special Publication 800-161, April 2015)
  • Procedures to facilitate the implementation of the incident response policy and associated incident response controls; and (IR-1a.2., TX-RAMP Security Controls Baseline Level 1)
  • Distributes copies of the incident response plan to [Assignment: organization-defined incident response personnel (identified by name and/or by role) and organizational elements]; (IR-8b., TX-RAMP Security Controls Baseline Level 1)
  • Distributes copies of the incident response plan to [Assignment: organization-defined incident response personnel (identified by name and/or by role) and organizational elements]; (IR-8b., TX-RAMP Security Controls Baseline Level 2)
  • Procedures to facilitate the implementation of the incident response policy and associated incident response controls; and (IR-1a.2., TX-RAMP Security Controls Baseline Level 2)