17.5: Assign Key Roles and Responsibilities

CSF v1.1 References:


Previous Version:

Control Statement

Assign key roles and responsibilities for incident response, including staff from legal, IT, information security, facilities, public relations, human resources, incident responders, and analysts, as applicable. Review annually, or when significant enterprise changes occur that could impact this Safeguard.

[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]