DE.AE-08: Incidents are declared when adverse events meet the defined incident criteria

Info icon.

Subcategory is new to this version of the framework and incorporates the following item from the previous version: DE.AE-5: Incident alert thresholds are established.

Description

[csf.tools Note: Subcategories do not have detailed descriptions. However NIST has provided the following implementation examples.]

Implementation Examples

Ex1: Apply incident criteria to known and assumed characteristics of activity in order to determine whether an incident should be declared

Ex2: Take known false positives into account when applying incident criteria

1st: 1st Party Risk