Back

Include an executive summary of the incident in the incident response report.


CONTROL ID
12702
CONTROL TYPE
Establish/Maintain Documentation
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Create an incident response report following an incident response., CC ID: 12700

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • Details relating to information security incidents and their impact (Critical components of information security 22) iii. Bullet 1, Guidelines on Information Security, Electronic Banking, Technology Risk Management and Cyber Frauds)
  • an executive summary of the relevant incident; (Technology Risk Management ¶ 8 (a), Monetary Authority of Singapore: Securities and Futures Act (CAP. 289) Notice on Technology Risk Management, Amendment 2018)
  • an executive summary of the relevant incident; (Technology Risk Management ¶ 8 (a), Monetary Authority of Singapore: Securities and Futures Act (CAP. 289) Notice on Technology Risk Management, Notice No.: CMG-N02)
  • A summary description of the SCI event; and (§242.1002(c)(1)(i)(B), 17 CFR PART 242, Regulations M, SHO, ATS, AC, NMS, and SBSR and Customer Margin Requirements for Security Futures)
  • a description of each major information security incident that involved a breach of personally identifiable information, as defined by the Director, including— (§ 3554(c)(1)(A)(iii), Federal Information Security Modernization Act of 2014)
  • the total number of information security incidents, including a description of incidents resulting in significant compromise of information security, system impact levels, types of incident, and locations of affected systems; (§ 3554(c)(1)(A)(ii), Federal Information Security Modernization Act of 2014)
  • Catastrophic act report. Each federally insured credit union will notify the regional director within 5 business days of any catastrophic act that occurs at its office(s). A catastrophic act is any disaster, natural or otherwise, resulting in physical destruction or damage to the credit union or cau… (§ 748.1 (b), 12 CFR Part 748, NCUA Guidelines for Safeguarding Member Information, July 1, 2001)