Navigate

CCI-000850

CCI-000850 Definition

Communicate incident response plan changes to organization-defined incident response personnel (identified by name and/or by role) and organizational elements.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Validation Procedures

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-000850.

Control	Description
IR-8	The organization: a: Develops an incident response plan that: 1: Provides the organization with a roadmap for implementing its incident response capability; 2: Describes the structure and organization of the incident response capability; 3: Provides a high-level approach for how the incident response capability fits into the overall organization; 4: Meets the unique requirements of the organization, which relate to mission, size, structure, and functions; 5: Defines reportable incidents; 6: Provides metrics for measuring the incident response capability within the organization; 7: Defines the resources and management support needed to effectively maintain and mature an incident response capability; and 8: Is reviewed and approved by [one of ]; b: Distributes copies of the incident response plan to [one of ]; c: Reviews the incident response plan [one of ]; d: Updates the incident response plan to address system/organizational changes or problems encountered during plan implementation, execution, or testing; e: Communicates incident response plan changes to [one of ]; and f: Protects the incident response plan from unauthorized disclosure and modification.

Control

Description

IR-8

The organization:

a: Develops an incident response plan that:
- 1: Provides the organization with a roadmap for implementing its incident response capability;
- 2: Describes the structure and organization of the incident response capability;
- 3: Provides a high-level approach for how the incident response capability fits into the overall organization;
- 4: Meets the unique requirements of the organization, which relate to mission, size, structure, and functions;
- 5: Defines reportable incidents;
- 6: Provides metrics for measuring the incident response capability within the organization;
- 7: Defines the resources and management support needed to effectively maintain and mature an incident response capability; and
- 8: Is reviewed and approved by [one of ];

b: Distributes copies of the incident response plan to [one of ];

c: Reviews the incident response plan [one of ];

d: Updates the incident response plan to address system/organizational changes or problems encountered during plan implementation, execution, or testing;

e: Communicates incident response plan changes to [one of ]; and

f: Protects the incident response plan from unauthorized disclosure and modification.