Embedded Files
This page is classified as INTERNAL.
NIST 800-53 (r4) Control:
The organization assigns [Assignment: organization-defined personnel or roles] with responsibility for responding to information spills.
NIST 800-53 (r4) Supplemental Guidance:
None
References: None.
NIST 800-53 (r5) Discussion:
None
38North Guidance:
Meets Minimum Requirement:
The organization has defined the personnel or roles that are involved in handling and responding to information spills within the IRP or other incident response SOPs.
Best Practice:
TBD
Unofficial FedRAMP Guidance: None.
Assessment Evidence:
Incident response plan or procedures that define which roles are responsible for responding to information spills
Reports for previous information spills that detail who responded to/handled the event
List of personnel that receive alerts if automated tools are used such as data loss prevention software.
CSP Implementation Tips:
Amazon Web Services (AWS): TBD
Microsoft Azure: TBD
Google Cloud Platform: TBD
Page updated
Report abuse