Critical Control 19 - Incident Response and Management

Protect the organization’s information, as well as its reputation, by developing and implementing an incident response infrastructure (e.g., plans, defined roles, training, communications, management oversight).

DE.AE-1 A baseline of network operations and expected data flows for users and systems is established and managed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Control19.md

Control19.md

Critical Control 19 - Incident Response and Management

DE.AE-1 A baseline of network operations and expected data flows for users and systems is established and managed

DE.AE-2 Detected events are analyzed to understand attack targets and methods

DE.AE-3 Event data are collected and correlated from multiple sources and sensors

DE.AE-4 Impact of events is determined

DE.AE-5 Incident alert thresholds are established

RS.RP-1 Response plan is executed during or after an incident

Files

Control19.md

Latest commit

History

Control19.md

File metadata and controls

Critical Control 19 - Incident Response and Management

DE.AE-1 A baseline of network operations and expected data flows for users and systems is established and managed

DE.AE-2 Detected events are analyzed to understand attack targets and methods

DE.AE-3 Event data are collected and correlated from multiple sources and sensors

DE.AE-4 Impact of events is determined

DE.AE-5 Incident alert thresholds are established

RS.RP-1 Response plan is executed during or after an incident