19.6: Publish Information Regarding Reporting Computer Anomalies and Incidents
Publish information for all workforce members, regarding reporting computer anomalies and incidents, to the incident handling team. Such information should be included in routine employee awareness activities.
Asset Type |
Security Function |
Implementation Groups |
|---|---|---|
N/A |
N/A |
1, 2, 3 |
Dependencies
Subcontrol 19.1: Document Incident Response Procedures
Inputs
Incident response plan
Security awareness program documentation
Operations
Determine whether incident response plan exists (becomes M1)
Determine whether the security awareness documentation exists (becomes M2)
If both exist, then review the security awareness plan (determine M3 and M4)
Measures
M1 = Boolean value indicating whether an incident response plan exists; 1 if an incident response plan exists, 0 otherwise.
M2 = Boolean value indicating whether a security awareness program exists; 1 if an incident response plan exists, 0 otherwise.
M3 = The incident response plan requires publishing incident reporting information for all workforce members as part of the organization’s security awareness program
M4 = The security awareness program publishes incident reporting information for all workforce members
Metrics
Metric |
Is information regarding reporting of computer anomalies and incidents published
for all workforce members?
|
Calculation |
|