SI-5—Security Alerts, Advisories, And Directives
PBMM (P1)
Secret (P1)
Operational
>Control Description
(A) The organization receives information system security alerts, advisories, and directives from ⚙organization-defined external organizations on an ongoing basis. (B) The organization generates internal security alerts, advisories, and directives as deemed necessary. (C) The organization disseminates security alerts, advisories, and directives to: [Selection (one or more): ⚙organization-defined personnel or roles; ⚙organization-defined elements within the organization; ⚙organization-defined external organizations]. (D) The organization implements security directives in accordance with established time frames, or notifies the issuing organization of the degree of non-compliance.
>Supplemental Guidance
Compliance to security directives is essential due to the critical nature of many of these directives and the potential immediate adverse effects on organizational operations and assets, individuals, other organizations, and Canada should the directives not be implemented in a timely manner. External organizations include, for example, external mission/business partners, supply chain partners, external service providers, and other peer/supporting organizations. Related control: SI-2
>Profile-Specific Parameters
(C) list [list of roles]
Ask AI
Configure your API key to use AI features.