19.5: Maintain Contact Information For Reporting Security Incidents
Assemble and maintain information on third-party contact information to be used to report a security incident, such as Law Enforcement, relevant government departments, vendors, and Information Sharing and Analysis Center (ISAC) partners.
Asset Type |
Security Function |
Implementation Groups |
|---|---|---|
N/A |
N/A |
1, 2, 3 |
Dependencies
Subcontrol 19.1: Document Incident Response Procedures
Inputs
Incident response plan
List of relevant third-party incident reporting entities
Operations
Determine whether incident response plan exists (becomes M1)
If it exists, then manual review of incident response plan (determine M2)
Measures
M1 = Boolean value indicating whether an incident response plan exists; 1 if an incident response plan exists, 0 otherwise.
M2 = The plan includes information on third-party contacts for incident reporting (M1 includes Input 2)
Metrics
Metric |
Is information on third-party contact information maintained, for use in incident handling? |
Calculation |
|