Back

Include a description of the impact the incident had on customer service in the incident response report.


CONTROL ID
12735
CONTROL TYPE
Establish/Maintain Documentation
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Create an incident response report following an incident response., CC ID: 12700

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • service to its customers; and (Technology Risk Management ¶ 8 (c) iii., Monetary Authority of Singapore: Securities and Futures Act (CAP. 289) Notice on Technology Risk Management, Amendment 2018)
  • service to its customers; and (Technology Risk Management ¶ 8 (c) iii., Monetary Authority of Singapore: Securities and Futures Act (CAP. 289) Notice on Technology Risk Management, Notice No.: CMG-N02)
  • a detailed description of the incident, including its severity and impact; (Article 23 4 ¶ 1(d)(i), DIRECTIVE (EU) 2022/2555 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 14 December 2022 on measures for a high common level of cybersecurity across the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (NIS 2 Directive))
  • the duration of the ICT-related incident, including the service downtime; (Art. 18.1.(b), Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on digital operational resilience for the financial sector and amending Regulations (EC) No 1060/2009, (EU) No 648/2012, (EU) No 600/2014, (EU) No 909/2014 and (EU) 2016/1011 (Text with EEA relevance))