Under active development — Content is continuously updated and improved

IRO-02—Incident Handling

Weight: 10

>Control Description

Mechanisms exist to cover: (1) Preparation; (2) Automated event detection or manual incident report intake; (3) Analysis; (4) Containment; (5) Eradication; and (6) Recovery.

>Cross-Framework Mappings

NIST SP 800-53 r5

PCI DSS v4.0.1

CIS Controls v8

SOC 2 TSC

CMMC v2.0

NIST SP 800-171

FedRAMP Rev 5

NIST AI RMF

Canada ITSP 10.171

OSFI B-13

Australia Essential Eight

Australia ISM

India SEBI Guidelines

New Zealand HISF

New Zealand HISF Suppliers

Saudi Arabia IoT Guidelines

Spain ENS

UAE NIAF

UK CAF

UK DEF STAN 05-138

CIS Controls v8.1 (Detailed)

GovRAMP

IMO Maritime Cyber Risk

ISO 27002:2022

ISO 42001:2023 (Detailed)

NAIC Model Law 668

NIST SP 800-161

NIST SP 800-171 Rev 3

NIST SP 800-171A Rev 3

TISAX

Data Privacy Management Principles

FBI CJIS

DHS TIC 3.0

CISA CPG

DoD Zero Trust Roadmap

FCA CRM

609.930(c)(3)(i)

609.930(c)(3)(ii)

609.930(c)(3)(iii)

GLBA (16 CFR 314)

HIPAA Simplification 2013

§ 164.308(a)(6)(ii)

NERC CIP

CIP-008-6 1.2.1

SEC Cybersecurity Rule

Form 8-K Item 1.05(a)

NY DFS 23 NYCRR 500

Ask AI

Configure your API key to use AI features.