
RS.AN-03: Analysis is performed to establish what has taken place during an incident and the root cause of the incident

Control Description

This incident analysis subcategory ensures that analysis is performed to establish what has taken place during an incident and the root cause of the incident. Key activities include: Determine the sequence of events that occurred during the incident and which assets and resources were involved in each event; Attempt to determine what vulnerabilities, threats, and threat actors were directly or indirectly involved in the incident; Analyze the incident to find the underlying, systemic root causes.

Cross-Framework Mappings

Informative References

Official NIST mappings to external frameworks and standards. Source: NIST CSF 2.0

CCMv4.0

SEF-06

CIS Controls v8.0

17.8

CIS Controls v8.1

17.8

CRI Profile v2.0

RS.AN-03
RS.AN-03.01

CSF v1.1

RS.AN-3

CoP

D4

ISO/IEC 27001:2022

Mandatory Clause: None
Annex A Controls: 5.25
Annex A Controls: 5.27

NICE Framework

IO-WRL-001
IO-WRL-003
IO-WRL-006
OG-WRL-012
PD-WRL-002
PD-WRL-003
PD-WRL-004

PCI DSS

10.2.1
10.4.1
6.3.1
10.2.2

SCF

IRO-13

SP 800-171 Rev 3

03.03.06
03.06.01

SP 800-53 Rev 5.1.1

AU-07
IR-04

SP 800-53 Rev 5.2.0

AU-07
IR-04
SI-02(07)
