Appendix O: Sample Security Procedure
Procedure 3-7: Incident Response
Satisfies Security Requirements (National Institute of Standards and Technology Special Publication [NIST SP] 800-53): Controls IR-1 to IR-7
Responsibility for Implementation and Enforcement
- Group name: IT Operations
- Person’s name: Joe Doaks
- Title: ABC System information system security officer (ISSO)
- Phone: (123) 456-7890
- E-mail: joe.doaks@xyz.com
References
XYZ Company Policy 37, Computer Incident Reporting
Applicability
A security incident occurs whenever XYZ Company information is compromised, when there is a risk of compromise of such information, when recurring or successful attempts to obtain unauthorized access to the ABC System are detected, or where misuse of ...
Get Official (ISC)2® Guide to the CAP® CBK®, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.