>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

IR-8Incident Response Plan

>Control Description

a

Develop an incident response plan that:

1.

Provides the organization with a roadmap for implementing its incident response capability;

2.

Describes the structure and organization of the incident response capability;

3.

Provides a high-level approach for how the incident response capability fits into the overall organization;

4.

Meets the unique requirements of the organization, which relate to mission, size, structure, and functions;

5.

Defines reportable incidents;

6.

Provides metrics for measuring the incident response capability within the organization;

7.

Defines the resources and management support needed to effectively maintain and mature an incident response capability;

8.

Addresses the sharing of incident information;

9.

Is reviewed and approved by organization-defined personnel or roles organization-defined frequency; and

10.

Explicitly designates responsibility for incident response to organization-defined entities, personnel, or roles.

b

Distribute copies of the incident response plan to organization-defined incident response personnel (identified by name and/or by role) and organizational elements;

c

Update the incident response plan to address system and organizational changes or problems encountered during plan implementation, execution, or testing;

d

Communicate incident response plan changes to organization-defined incident response personnel (identified by name and/or by role) and organizational elements; and

e

Protect the incident response plan from unauthorized disclosure and modification.

>Related Controls

AC-2
CP-2
CP-4
IR-4
IR-7
IR-9
PE-6
PL-2
SA-15
SI-12
SR-8

Ask AI

Configure your API key to use AI features.