Back

Include the frequency of similar incidents occurring in the incident response report.


CONTROL ID
12712
CONTROL TYPE
Establish/Maintain Documentation
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Create an incident response report following an incident response., CC ID: 12700

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • How often had a similar incident occurred over the last 3 years? (§ 7.3.12.a.iv., Monetary Authority of Singapore: Technology Risk Management Guidelines)
  • Financial entities shall monitor the effectiveness of the implementation of their digital operational resilience strategy set out in Article 6(8). They shall map the evolution of ICT risk over time, analyse the frequency, types, magnitude and evolution of ICT-related incidents, in particular cyber-a… (Art. 13.4., Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on digital operational resilience for the financial sector and amending Regulations (EC) No 1060/2009, (EU) No 648/2012, (EU) No 600/2014, (EU) No 909/2014 and (EU) 2016/1011 (Text with EEA relevance))
  • determining if similar incidents have occurred, if nonconformities exist, or if they could potentially occur; (§ 10.2 ¶ 2 b) 3), ISO 45001:2018, Occupational health and safety management systems — Requirements with guidance for use, First Edition)