💼 Analysis (RS.AN)

Description

Analysis is conducted to ensure effective response and support recovery activities.

Section	Internal Rules	Policies
💼 RS.AN-1: Notifications from detection systems are investigated	19	22
💼 RS.AN-2: The impact of the incident is understood
💼 RS.AN-3: Forensics are performed
💼 RS.AN-4: Incidents are categorized consistent with response plans
💼 RS.AN-5: Processes are established to receive, analyze and respond to vulnerabilities disclosed to the organization from internal and external sources (e.g. internal testing, security bulletins, or security researchers)