19.3: Designate Management Personnel to Support Incident Handling

Designate management personnel, as well as backups, who will support the incident handling process by acting in key decision-making roles.

Asset Type	Security Function	Implementation Groups
N/A	N/A	1, 2, 3

Dependencies

• Sub-control 19.1: Document Incident Response Procedures

Inputs

1. Incident response plan

Operations

1. Determine whether incident response plan exists (becomes M1)

2. If it exists, then manual review of incident response plan (determine M2 and M3)

Measures

• M1 = A plan exists

• M2 = The plan identifies management personnel filling incident response handling decision-making roles

• M3 = The plan identifies backup personnel to the management personnel identified by M2

Metrics

Metric	Are personnel, including backups, designated to support the incident handling process?
Calculation	M1 AND M2 AND M3