CCI-002810
CCI-002810 Definition
Respond to information spills by identifying other systems or system components that may have been subsequently contaminated.
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
The organization being inspected/assessed documents within their incident response plan, a process to identify other information systems or system components that may have been subsequently contaminated.
Validation Procedures
The organization conducting the inspection/assessment obtains and examines the incident response plan as well as after action reports of incidents to ensure that the organization being inspected/assessed identifies other information systems or system components that may have been subsequently contaminated.
Compelling Evidence
1.) Signed and dated Incident Response Plan, referencing information system contamination section 2.) Incident response after action reports