Back

Include the extent of the incident in the incident response report.


CONTROL ID
12715
CONTROL TYPE
Establish/Maintain Documentation
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Create an incident response report following an incident response., CC ID: 12700

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • Extent, duration or scope of the incident including information on the systems, resources, customers that were affected; (§ 7.3.12.b.i., Monetary Authority of Singapore: Technology Risk Management Guidelines)
  • the geographical spread with regard to the areas affected by the ICT-related incident, particularly if it affects more than two Member States; (Art. 18.1.(c), Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on digital operational resilience for the financial sector and amending Regulations (EC) No 1060/2009, (EU) No 648/2012, (EU) No 600/2014, (EU) No 909/2014 and (EU) 2016/1011 (Text with EEA relevance))
  • The level of intrusion that was achieved or attempted. (CIP-008-6 Table R4 Part 4.1 Requirements ¶ 1 4.1.3, North American Electric Reliability Corporation Critical Infrastructure Protection Standards Cyber Security - Incident Reporting and Response Planning CIP-008-6, Version 6)