Xylok Scanner CCIs

Number	Definition	Status
CCI-004142	Defines the organizational entities for coordinating an incident handling capability for insider threats.	Draft
CCI-004143	Establish and maintain an integrated incident response team that can be deployed to any location identified by the organization in an organization-defined time period.	Draft
CCI-004144	Defines the time period for establishing and maintaining an integrated incident response team that can be deployed to any location identified by the organization.	Draft
CCI-004145	Analyze malicious code and/or other residual artifacts remaining in the system after the incident.	Draft
CCI-004146	Analyze anomalous or suspected adversarial behavior in or related to organization-defined environments or resources.	Draft
CCI-004147	Defines the environments or resources for analyzing anomalous or suspected adversarial behavior.	Draft
CCI-004148	Establish and maintain a security operations center.	Draft
CCI-004149	Manage public relations associated with an incident.	Draft
CCI-004150	Employ measures to repair the reputation of the organization.	Draft
CCI-004151	Track incidents using organization-defined automated mechanisms.	Draft
CCI-004152	Collect incident information using organization-defined automated mechanisms.	Draft
CCI-004153	Analyze incident information using organization-defined automated mechanisms.	Draft
CCI-004154	Defines the automated mechanisms to track, collect, and analyze incident information.	Draft
CCI-004155	Defines the automated mechanisms for reporting incidents.	Draft
CCI-004156	Provide incident information to the provider of the product or service.	Draft
CCI-004157	Develop an incident response plan that addresses the sharing of incident information.	Draft
CCI-004158	Defines the frequency organization-defined personnel or roles will review and approve the incident response plan.	Draft
CCI-004159	Develop an incident response plan that explicitly designates responsibility for incident response to organization-defined entities, personnel, or roles.	Draft
CCI-004160	Include a process to determine if notice to individuals or other organizations, including oversight organizations, is needed, in the Incident Response Plan for breaches involving Personally Identifiable Information.	Draft
CCI-004161	Include an assessment process to determine the extent of the harm, embarrassment, inconvenience, or unfairness to affected individuals and any mechanisms to mitigate such harms in the Incident Response Plan for breaches involving Personally Identifiable Information.	Draft
CCI-004162	Include identification of applicable privacy requirements in the Incident Response Plan for breaches involving Personally Identifiable Information.	Draft
CCI-004163	Respond to information spills by assigning organization-defined personnel or roles with responsibility for responding to information spills.	Draft
CCI-004164	Defines the personnel or roles who will respond to information spills.	Draft
CCI-004165	Develop and document an organization-level; mission/business process-level; and/or system-level maintenance policy that is consistent with applicable laws, Executive Orders, directives, regulations, policies, standards, and guidelines.	Draft
CCI-004166	Designate an organization-defined official to manage the development, documentation, and dissemination of the maintenance policy.	Draft
CCI-004167	Designate an organization-defined official to manage the development, documentation, and dissemination of the maintenance procedures.	Draft
CCI-004168	Defines the official who will manage the development, documentation, and dissemination of the maintenance policy.	Draft
CCI-004169	Defines the official who will manage the development, documentation, and dissemination of the maintenance procedures.	Draft
CCI-004170	Review and update the current maintenance policy following organization-defined events.	Draft
CCI-004171	Defines the events following reviewing and updating the current maintenance policy.	Draft