500.16(a)—500.16(a)
>Control Description
As part of its cybersecurity program, each covered entity shall establish written plans that contain proactive measures to investigate and mitigate cybersecurity events and to ensure operational resilience, including but not limited to incident response, business continuity and disaster recovery plans.
>Cross-Framework Mappings
Ask AI
Configure your API key to use AI features.