CCI-002811
CCI-002811 Definition
Respond to information spills by performing additional organization-defined actions.
Status | |
Type | CheckType.policy |
Master Assessment Datasheet
Implementation Guidance
The organization being inspected/assessed documents within their incident response plan, processes to perform actions defined in IR-9, CCI 2812.
Validation Procedures
The organization conducting the inspection/assessment obtains and examines the incident response plan as well as after action reports of incidents to ensure that the organization being inspected/assessed performs actions defined in IR-9, CCI 2812.
Compelling Evidence
1.) Signed and dated Incident Response Plan, referencing information system contamination section 2.) Incident response after action reports