Back

Include the resources needed for incident response in the incident response plan.


CONTROL ID
14292
CONTROL TYPE
Establish/Maintain Documentation
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Establish, implement, and maintain an incident response plan., CC ID: 12056

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • Each Member State shall designate or establish one or more competent authorities responsible for the management of large-scale cybersecurity incidents and crises (cyber crisis management authorities). Member States shall ensure that those authorities have adequate resources to carry out, in an effec… (Article 9 1., DIRECTIVE (EU) 2022/2555 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 14 December 2022 on measures for a high common level of cybersecurity across the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (NIS 2 Directive))
  • Member States shall ensure that each CSIRT has adequate resources to carry out effectively its tasks as set out in Article 11(3). (Article 10 2., DIRECTIVE (EU) 2022/2555 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 14 December 2022 on measures for a high common level of cybersecurity across the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (NIS 2 Directive))
  • Member States shall ensure that their CSIRTs jointly have the technical capabilities necessary to carry out the tasks referred to in paragraph 3. Member States shall ensure that sufficient resources are allocated to their CSIRTs to ensure adequate staffing levels for the purpose of enabling the CSIR… (Article 11 2., DIRECTIVE (EU) 2022/2555 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 14 December 2022 on measures for a high common level of cybersecurity across the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (NIS 2 Directive))
  • equipment and resources needed; (8.2 ¶ 4 Bullet 4, ISO 14004:2016, Environmental management systems — General guidelines on implementation, Third Edition)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; and (IR-8a.7., StateRAMP Security Controls Baseline Summary Category 1, Version 1.1)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; and (IR-8a.7., StateRAMP Security Controls Baseline Summary Category 2, Version 1.1)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; and (IR-8a.7., StateRAMP Security Controls Baseline Summary Category 3, Version 1.1)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; and (IR-8a.7., StateRAMP Security Controls Baseline Summary High Sensitivity Level, Version 1.1)
  • Ensure additional resources for all incidents affecting FBI CJIS Division controlled systems as needed. (§ 5.3.1.1.1 ¶ 1 3., Criminal Justice Information Services (CJIS) Security Policy, CJISD-ITS-DOC-08140-5.9.1, Version 5.9.1)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; and (IR-8a.7. High Baseline Controls, FedRAMP Baseline Security Controls, 8/28/2018)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; and (IR-8a.7. Moderate Baseline Controls, FedRAMP Baseline Security Controls, 8/28/2018)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; and (IR-8a.7. Low Baseline Controls, FedRAMP Baseline Security Controls, 8/28/2018)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; (IR-8a.7., FedRAMP Security Controls High Baseline, Version 5)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; (IR-8a.7., FedRAMP Security Controls Low Baseline, Version 5)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; (IR-8a.7., FedRAMP Security Controls Moderate Baseline, Version 5)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; (IR-8a.7., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, High Impact Baseline, October 2020)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; (IR-8a.7., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, Low Impact Baseline, October 2020)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; (IR-8a.7., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, Moderate Impact Baseline, October 2020)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; (IR-8a.7., Control Baselines for Information Systems and Organizations, NIST SP 800-53B, Privacy Control Baseline, October 2020)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; (IR-8a.7., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Baseline Controls)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; (IR-8a.7., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Flow Down Controls)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; (IR-8a.7., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 2 Controls)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; (IR-8a.7., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 3 Controls)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; and (IR-8a.7. Low Baseline Controls, Guide to Industrial Control Systems (ICS) Security, Revision 2)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; and (IR-8a.7. Moderate Baseline Controls, Guide to Industrial Control Systems (ICS) Security, Revision 2)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; and (IR-8a.7. High Baseline Controls, Guide to Industrial Control Systems (ICS) Security, Revision 2)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; and (IR-8a.7., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, High Impact Baseline, Revision 4)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; and (IR-8a.7., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Low Impact Baseline, Revision 4)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; and (IR-8a.7., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Moderate Impact Baseline, Revision 4)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; and (IR-8a.7., Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53, Revision 4)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; (IR-8a.7., Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; (IR-8a.7., Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5.1.1)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; and (IR-8a.7., TX-RAMP Security Controls Baseline Level 1)
  • Defines the resources and management support needed to effectively maintain and mature an incident response capability; and (IR-8a.7., TX-RAMP Security Controls Baseline Level 2)