Navigate

CCI-002639

CCI-002639 Definition

The organization incorporates the results from malicious code analysis into organizational incident response processes.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed incorporates the results from malicious code analysis into organizational incident response processes.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the organizational incident response processes to ensure the organization being inspected/assessed incorporates the results from malicious code analysis into organizational incident response processes.

Compelling Evidence

1.) Signed and dated system security plan. 2.) Incident response processes that incorporate the results from malicious code analysis into organizational incident response processes.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002639.

Control	Description
SI-3 (10)	The organization: SI-3 (10)(a): Employs [Assignment: organization-defined tools and techniques] to analyze the characteristics and behavior of malicious code; and SI-3 (10)(b): Incorporates the results from malicious code analysis into organizational incident response and flaw remediation processes.