Navigate

CCI-000834

CCI-000834 Definition

The organization defines a time period for personnel to report suspected security incidents to the organizational incident response capability.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

DoD has defined the time period as the timeframes specified by CJCSM 6510.01B (Table C-A-1) unless the data owner provides more restrictive guidance. If organizations decide to be more restrictive than the guidance in the CJCSM, then they should address the more restrictive response time requirements in their incident response plan.

Validation Procedures

The organization being inspected/assessed is automatically compliant with this CCI because they are covered at the DoD level. DoD has defined the time period as the timeframes specified by CJCSM 6510.01B (Table C-A-1) unless the data owner provides more restrictive guidance. The organization conducting the inspection/assessment obtains and examines the incident response plan to determine if more stringent response time requirements have been identified.

Compelling Evidence

Automatically compliant

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-000834.

Control	Description
IR-6	The organization: IR-6a.: Requires personnel to report suspected security incidents to the organizational incident response capability within [Assignment: organization-defined time period]; and IR-6b.: Reports security incident information to [Assignment: organization-defined authorities].