Embedded Files
This page is classified as INTERNAL.
NIST 800-53 (r4) Control:
The organization employs automated mechanisms to assist in the reporting of security incidents.
NIST 800-53 (r4) Supplemental Guidance:
Related control: IR-7.
References: None.
NIST 800-53 (r5) Discussion:
The recipients of incident reports are specified in IR-6b. Automated reporting mechanisms include email, posting on websites (with automatic updates), and automated incident response tools and programs.
38North Guidance:
Meets Minimum Requirement:
Employs automated mechanisms to assist in the reporting of security incidents, such as a workflow automation/ticketing tool and/or a SIEM to monitor for security incidents.
Best Practice:
TBD
Unofficial FedRAMP Guidance:
TBD
Assessment Evidence:
Evidence of automated mechanisms that are employed such as incident tickets, emails, alerts, etc.
CSP Implementation Tips:
Amazon Web Services (AWS): TBD
Microsoft Azure: TBD
Google Cloud Platform: TBD
Page updated
Report abuse