DE.AE-06—Information on adverse events is provided to authorized staff and tools
>Control Description
This adverse event analysis subcategory ensures that information on adverse events is provided to authorized staff and tools. Key activities include: Use cybersecurity software to generate alerts and provide them to the security operations center (SOC), incident responders, and incident response ...; Incident responders and other authorized personnel can access log analysis findings at all times; Automatically create and assign tickets in the organization’s ticketing system when certain types of alerts occur.
>Cross-Framework Mappings
NIST SP 800-53 r5
via NIST CSF 2.0 Concept CrosswalkISO 27001:2022
via NIST OLIR Catalog>Informative References
Official NIST mappings to external frameworks and standards. Source: NIST CSF 2.0
CCMv4.0
CCC-07
LOG-03
LOG-05
LOG-13
SEF-05
SEF-06
CRI Profile v2.0
DE.AE-06
DE.AE-06.01
CSF v1.1
DE.DP-4
ISO/IEC 27001:2022
Mandatory Clause: None
Annex A Controls: 5.26
NICE Framework
IO-WRL-006
PD-WRL-001
PD-WRL-005
PD-WRL-006
PD-WRL-007
PCI DSS
12.10.1
10.3.1
10.3.3
12.10.3
SCF
MON-01.8
MON-01.12
MON-02
MON-02.1
IRO-02
IRO-02.4
IRO-04
IRO-07
+2 more
SP 800-171 Rev 3
03.06.01
SP 800-53 Rev 5.1.1
IR-04
PM-15
PM-16
RA-03
RA-10
SP 800-53 Rev 5.2.0
IR-04
PM-15
PM-16
RA-04
RA-10
Ask AI
Configure your API key to use AI features.