πΌ ID.IM-04: Incident response plans and other cybersecurity plans that affect operations are established, communicated, maintained, and improved
- Contextual name: πΌ ID.IM-04: Incident response plans and other cybersecurity plans that affect operations are established, communicated, maintained, and improved
- ID:
/frameworks/nist-csf-v2.0/id-im/04 - Located in: πΌ Improvement (ID.IM)
Descriptionβ
- Establish contingency plans (e.g., incident response, business continuity, disaster recovery) for responding to and recovering from adverse events that can interfere with operations, expose confidential information, or otherwise endanger the organization's mission and viability
- Include contact and communication information, processes for handling common scenarios, and criteria for prioritization, escalation, and elevation in all contingency plans
- Create a vulnerability management plan to identify and assess all types of vulnerabilities and to prioritize, test, and implement risk responses
- Communicate cybersecurity plans (including updates) to those responsible for carrying them out and to affected parties
- Review and update all cybersecurity plans annually or when a need for significant improvements is identified
Similarβ
- Sections
/frameworks/nist-csf-v1.1/pr-ip/09/frameworks/nist-csf-v1.1/pr-ip/10/frameworks/nist-csf-v1.1/rs-im/01/frameworks/nist-csf-v1.1/rc-im/01/frameworks/nist-sp-800-53-r5/cp/02/frameworks/nist-sp-800-53-r5/ir/08/frameworks/nist-sp-800-53-r5/pl/02/frameworks/nist-sp-800-53-r5/sr/02
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST CSF v1.1 β πΌ PR.IP-9: Response plans (Incident Response and Business Continuity) and recovery plans (Incident Recovery and Disaster Recovery) are in place and managed | 3 | 3 | ||
| πΌ NIST CSF v1.1 β πΌ PR.IP-10: Response and recovery plans are tested | 1 | 1 | ||
| πΌ NIST CSF v1.1 β πΌ RC.IM-1: Recovery plans incorporate lessons learned | ||||
| πΌ NIST CSF v1.1 β πΌ RS.IM-1: Response plans incorporate lessons learned | ||||
| πΌ NIST SP 800-53 Revision 5 β πΌ CP-2 Contingency Plan | 8 | 1 | ||
| πΌ NIST SP 800-53 Revision 5 β πΌ IR-8 Incident Response Plan | 1 | |||
| πΌ NIST SP 800-53 Revision 5 β πΌ PL-2 System Security and Privacy Plans | 3 | |||
| πΌ NIST SP 800-53 Revision 5 β πΌ SR-2 Supply Chain Risk Management Plan | 1 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (3)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS S3 Bucket Versioning is not enabled π’ | 1 | π’ x6 |
| π Azure PostgreSQL Flexible Server connection_throttle.enable Parameter is not set to ON π’ | 1 | π’ x6 |
| π Azure Storage Blob Containers Soft Delete is not enabled π’ | 1 | π’ x6 |