SEF-04: Incident Response Legal Preparation

PF v1.0 References:

Warning icon.

Control is withdrawn in the next version of this control set and incorporated into: SEF-07: Security Breach Notification.

Control Statement

Proper forensic procedures, including chain of custody, are required for the presentation of evidence to support potential legal action subject to the relevant jurisdiction after an information security incident. Upon notification, customers and/or other external business partners impacted by a security breach shall be given the opportunity to participate as is legally permissible in the forensic investigation.

[ Note: For more information on the Cloud Controls Matrix, visit the CSA Cloud Controls Matrix Homepage.]

Cloud Control Matrix is Copyright 2023 Cloud Security Alliance.