>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

IR-8Incident Response Plan

>Control Description

a

Develop an incident response plan that:

1.

Provides the organization with a roadmap for implementing its incident response capability;

2.

Describes the structure and organization of the incident response capability;

3.

Provides a high-level approach for how the incident response capability fits into the overall organization;

4.

Meets the unique requirements of the organization, which relate to mission, size, structure, and functions;

5.

Defines reportable incidents;

6.

Provides metrics for measuring the incident response capability within the organization;

7.

Defines the resources and management support needed to effectively maintain and mature an incident response capability;

8.

Addresses the sharing of incident information;

9.

Is reviewed and approved by the organization’s/agency’s executive leadership annually; and

10.

Explicitly designates responsibility for incident response to organizational personnel with incident reporting responsibilities and CSO or CJIS WAN Official.

b

Distribute copies of the incident response plan to organizational personnel with incident handling responsibilities;

c

Update the incident response plan to address system and organizational changes or problems encountered during plan implementation, execution, or testing;

d

Communicate incident response plan changes to organizational personnel with incident handling responsibilities; and

e

Protect the incident response plan from unauthorized disclosure and modification.

>Cross-Framework Mappings

SCF

IRO-04
Compare

Ask AI

Configure your API key to use AI features.