17.4: Establish and Maintain an Incident Response Process

CSF v1.1 References:

ID.GV-2
PR.IP-9
DE.DP-1
RS.CO-1

PF v1.0 References:

GV.PO-P3
PR.PO-P7

Group:

Previous Version:

Critical Security Controls Version 7.1:
19.1: Document Incident Response Procedures

Control Statement

Establish and maintain an incident response process that addresses roles and responsibilities, compliance requirements, and a communication plan. Review annually, or when significant enterprise changes occur that could impact this Safeguard.

[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]

Control Statement

Related Controls

NIST Special Publication 800-53 Revision 5

NIST Special Publication 800-171 Revision 2

NIST Special Publication 800-53 Revision 4