19.4: Devise Organization-wide Standards for Reporting Incidents

CSF v1.1 References:

Group:

Info icon.

The next version of the control set incorporates all or part of this control into: 17.3: Establish and Maintain an Enterprise Process for Reporting Incidents.

Control Statement

Devise organization-wide standards for the time required for system administrators and other workforce members to report anomalous events to the incident handling team, the mechanisms for such reporting, and the kind of information that should be included in the incident notification.

[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]