Navigate

CCI-003555

CCI-003555 Definition

The organization provides an organized and effective response to privacy incidents in accordance with the organizational Privacy Incident Response Plan.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

The organization being inspected/assessed documents and implements a process to provides an organized and effective response to privacy incidents in accordance with the organizational Privacy Incident Response Plan. The revision of DoD 5400.11-R into a manual provides DoD-enterprise-level guidance on breach reporting. Components may decide to augment this with their own incident response plan. The privacy incident response plan, which may be included as a part of your existing response plan.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented process to ensure the organization being inspected/assessed provides an organized and effective response to privacy incidents in accordance with the organizational Privacy Incident Response Plan.

Compelling Evidence

Show historical evidence of implementing the Privacy Incident Response Plan.

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-003555.

Control	Description
SE-2	The organization: SE-2a.: Develops and implements a Privacy Incident Response Plan; and SE-2b.: Provides an organized and effective response to privacy incidents in accordance with the organizational Privacy Incident Response Plan.