CCI-003555

The organization provides an organized and effective response to privacy incidents in accordance with the organizational Privacy Incident Response Plan.

Implementation Guidance

The organization being inspected/assessed documents and implements a process to provides an organized and effective response to privacy incidents in accordance with the organizational Privacy Incident Response Plan. The revision of DoD 5400.11-R into a manual provides DoD-enterprise-level guidance on breach reporting. Components may decide to augment this with their own incident response plan. The privacy incident response plan, which may be included as a part of your existing response plan.

Validation Procedures

The organization conducting the inspection/assessment obtains and examines the documented process to ensure the organization being inspected/assessed provides an organized and effective response to privacy incidents in accordance with the organizational Privacy Incident Response Plan.

Compelling Evidence

Show historical evidence of implementing the Privacy Incident Response Plan.

The controls below (if any) were marked by NIST as being related to CCI-003555.