IR-4(1): Automated Incident Handling Processes

Control Family:

Incident Response

Parent Control:

IR-4: Incident Handling

CSF v1.1 References:

ID.SC-5
DE.AE-2
DE.AE-3
DE.AE-4
DE.AE-5
RS.AN-1
RS.AN-2
RS.AN-3
RS.AN-4
RS.CO-3
RS.CO-4
RS.IM-1
RS.IM-2
RS.MI-1
RS.MI-2
RS.RP-1
RC.CO-1
RC.CO-2
RC.CO-3
RC.IM-1
RC.IM-2
RC.RP-1

Baselines:

Moderate
High

Previous Version:

NIST Special Publication 800-53 Revision 4:
IR-4(1): Automated Incident Handling Processes

Control Statement

Support the incident handling process using [Assignment: organization-defined automated mechanisms].

Supplemental Guidance

Automated mechanisms that support incident handling processes include online incident management systems and tools that support the collection of live response data, full network packet capture, and forensic analysis.

Control Statement

Supplemental Guidance

Related Controls

Critical Security Controls Version 8