DE.AE-06: Information on adverse events is provided to authorized staff and tools

Info icon.

Subcategory is new to this version of the framework and incorporates the following item from the previous version: DE.DP-4: Event detection information is communicated.

Description

[csf.tools Note: Subcategories do not have detailed descriptions. However NIST has provided the following implementation examples.]

Implementation Examples

Ex1: Use cybersecurity software to generate alerts and provide them to the security operations center (SOC), incident responders, and incident response tools

Ex2: Incident responders and other authorized personnel can access log analysis findings at all times

Ex3: Automatically create and assign tickets in the organization's ticketing system when certain types of alerts occur

Ex4: Manually create and assign tickets in the organization's ticketing system when technical staff discover indicators of compromise

1st: 1st Party Risk