This page is classified as INTERNAL.
NIST 800-53 (r4) Control:
The organization employs automated mechanisms to support the incident handling process.
NIST 800-53 (r4) Supplemental Guidance:
Automated mechanisms supporting incident handling processes include, for example, online incident management systems.
References: None.
NIST 800-53 (r5) Discussion:
Automated mechanisms that support incident handling processes include online incident management systems and tools that support the collection of live response data, full network packet capture, and forensic analysis.
38North Guidance:
Meets Minimum Requirement:
Automated mechanisms are used to support the incident handling process. Examples include, but are not limited to:
Ticketing system for documenting and tracking security incidents
Automated email generation to the incident response team throughout the incident handling process
Document repository or incident response database for trends, topics, and past remediation steps
Monitoring tools that can provide alerts or other automated services
Best Practice:
TBD
Unofficial FedRAMP Guidance:
TBD
Assessment Evidence:
Evidence of the automated mechanisms that are employed, such as sample alerts, sample incident tickets, emails, and screenshots of the document repository where incident information is stored.
CSP Implementation Tips:
Amazon Web Services (AWS): TBD
Microsoft Azure: TBD
Google Cloud Platform: TBD