Include measures to mitigate the root causes of the incident in the incident response report.


CONTROL ID
12714
CONTROL TYPE
Establish/Maintain Documentation
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS
This Control directly supports the implied Control(s):
  • Create an incident response report following an incident response., CC ID: 12700

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH
  • a description of the remedial measures taken to address the root cause and consequences of the relevant incident. (Technology Risk Management ¶ 8 (d), Monetary Authority of Singapore: Securities and Futures Act (CAP. 289) Notice on Technology Risk Management, Amendment 2018)
  • a description of the remedial measures taken to address the root cause and consequences of the relevant incident. (Technology Risk Management ¶ 8 (d), Monetary Authority of Singapore: Securities and Futures Act (CAP. 289) Notice on Technology Risk Management, Notice No.: CMG-N02)
  • Measures to address the root cause of the incident; and (§ 7.3.12.c.ii., Monetary Authority of Singapore: Technology Risk Management Guidelines)
  • Incidents would typically be subject to root cause analysis, where the underlying cause(s) of the incident is identified and analysed and controls adjusted to reduce the likelihood and impact of a future occurrence. (¶ 73, APRA Prudential Practice Guide 234: Management of security risk in information and information technology, May 2013)
  • To minimise the impact of adverse events and enable timely recovery, financial institutions should establish appropriate processes and organisational structures to ensure a consistent and integrated monitoring, handling and follow-up of operational and security incidents and to make sure that the ro… (3.5.1 60, Final Report EBA Guidelines on ICT and security risk management)
  • problem management procedures to identify, analyse and solve the root cause behind one or more incidents — a financial institution should analyse operational or security incidents likely to affect the financial institution that have been identified or have occurred within and/or outside the organi… (3.5.1 60(c), Final Report EBA Guidelines on ICT and security risk management)
  • the remedial action taken. (§ 67(6)(c), UK Data Protection Act 2018 Chapter 12)
  • the remedial action taken. (§ 67(6)(c), UK Data Protection Act 2018 Chapter 12, Revised 06/06/2022)
  • Procedures are in place to mitigate the effects of ongoing security incidents. (CC7.4 Mitigates Ongoing Security Incidents, Trust Services Criteria)
  • Procedures are in place to mitigate the effects of ongoing security incidents. (CC7.4 ¶ 2 Bullet 3 Mitigates Ongoing Security Incidents, Trust Services Criteria, (includes March 2020 updates))
  • A description of the progress of its corrective action for the SCI event and when the SCI event has been or is expected to be resolved; and (§242.1002(c)(1)(ii)(C), 17 CFR PART 242, Regulations M, SHO, ATS, AC, NMS, and SBSR and Customer Margin Requirements for Security Futures)
  • the detection, response, and remediation actions; (§ 3554(c)(1)(A)(i)(IV), Federal Information Security Modernization Act of 2014)
  • Highlight potential areas for mitigation. (App A Objective 5.1.d, FFIEC Information Technology Examination Handbook - Information Security, September 2016)
  • Resolution of root causes rather than just specific issues. (App A Objective 1.2.b, FFIEC Information Technology Examination Handbook - Information Security, September 2016)
  • An assessment process to determine the extent of the harm, embarrassment, inconvenience, or unfairness to affected individuals and any mechanisms to mitigate such harms; and (IR-8(1) ¶ 1(b), Control Baselines for Information Systems and Organizations, NIST SP 800-53B, Privacy Control Baseline, October 2020)
  • Identify functional- and security-related features to find opportunities for new capability development to exploit or mitigate vulnerabilities. (T0410, Reference Spreadsheet for the Workforce Framework for Cybersecurity (NICE Framework), July 7, 2020)
  • An assessment process to determine the extent of the harm, embarrassment, inconvenience, or unfairness to affected individuals and any mechanisms to mitigate such harms; and (IR-8(1) ¶ 1(b), Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5)
  • An assessment process to determine the extent of the harm, embarrassment, inconvenience, or unfairness to affected individuals and any mechanisms to mitigate such harms; and (IR-8(1) ¶ 1(b), Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5.1.1)
  • the measures that were or will be adopted to reverse or mitigate the effects of the damage. (Art. 48 § 1 VI, Brazilian Law No. 13709, of August 14, 2018)