Navigate

CCI-000810

CCI-000810 Definition

The organization disseminates incident response procedures to organization-defined personnel or roles.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

DoD disseminates via http://www.dtic.mil/cjcs_directives/, CJCSI 6510.01F "Information Assurance and Support to Computer Network Defense," CJCSM 6510.01B, "Cyber Incident Handling Program," DoDD O-8530.1, and DoDI O-8530.2 to all personnel identified as stakeholders in the incident response process, as well as the ISSM and ISSO. DoD Components are automatically compliant with this CCI because they are covered by the DoD level with the following policies: CJCSI 6510.01F, CJCSM 6510.01B, DoDD O-8530.1, and DoDI O-8530.2. DoD has defined the roles as all personnel identified as stakeholders in the incident response process, as well as the ISSM and ISSO.

Validation Procedures

CJCSI 6510.01F "Information Assurance and Support to Computer Network Defense," CJCSM 6510.01B, "Cyber Incident Handling Program," DoDD O-8530.1, and DoDI O-8530.2 meet the DoD requirements for incident response policy and procedures. DoD Components are automatically compliant with this CCI because they are covered by the DoD level with the following policies: CJCSI 6510.01F, CJCSM 6510.01B, DoDD O-8530.1, and DoDI O-8530.2. DoD has defined the roles as all personnel identified as stakeholders in the incident response process, as well as the ISSM and ISSO.

Compelling Evidence

Automatically compliant per CJCSI 6510.01F, CJCSM 6510.01B, DoDD O-8530.1, and DoDI O-8530.2

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-000810.

Control	Description
IR-1	The organization: IR-1a.: Develops, documents, and disseminates to [Assignment: organization-defined personnel or roles]: IR-1a.1.: An incident response policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and IR-1a.2.: Procedures to facilitate the implementation of the incident response policy and associated incident response controls; and IR-1b.: Reviews and updates the current: IR-1b.1.: Incident response policy [Assignment: organization-defined frequency]; and IR-1b.2.: Incident response procedures [Assignment: organization-defined frequency].

Control

Description

IR-1

The organization:

IR-1a.: Develops, documents, and disseminates to [Assignment: organization-defined personnel or roles]:
- IR-1a.1.: An incident response policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and
- IR-1a.2.: Procedures to facilitate the implementation of the incident response policy and associated incident response controls; and

IR-1b.: Reviews and updates the current:
- IR-1b.1.: Incident response policy [Assignment: organization-defined frequency]; and
- IR-1b.2.: Incident response procedures [Assignment: organization-defined frequency].