Skip to main content

πŸ’Ό RC.CO-04: Public updates on incident recovery are shared using approved methods and messaging

  • Contextual name: πŸ’Ό RC.CO-04: Public updates on incident recovery are shared using approved methods and messaging
  • ID: /frameworks/nist-csf-v2.0/rc-co/04
  • Located in: πŸ’Ό Incident Recovery Communication (RC.CO)

Description​

  1. Follow the organization's breach notification procedures for recovering from a data breach incident
  2. Explain the steps being taken to recover from the incident and to prevent a recurrence

Similar​

  • Sections
    • /frameworks/nist-csf-v1.1/rc-co/01
    • /frameworks/nist-csf-v1.1/rs-co/02
    • /frameworks/nist-sp-800-53-r5/cp/02
    • /frameworks/nist-sp-800-53-r5/ir/04

Similar Sections (Take Policies From)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό RC.CO-1: Public relations are managed
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό RS.CO-2: Incidents are reported consistent with established criteria2023
πŸ’Ό NIST SP 800-53 Revision 5 β†’ πŸ’Ό CP-2 Contingency Plan81
πŸ’Ό NIST SP 800-53 Revision 5 β†’ πŸ’Ό IR-4 Incident Handling15

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags

Policies (23)​

PolicyLogic CountFlags
πŸ“ AWS Account IAM Access Analyzer is not enabled for all regions 🟒1🟒 x6
πŸ“ AWS Account Multi-Region CloudTrail is not enabled 🟒1🟒 x6
πŸ“ AWS CloudTrail S3 Bucket Access Logging is not enabled. 🟒1🟒 x6
πŸ“ AWS KMS Symmetric CMK Rotation is not enabled 🟒1🟒 x6
πŸ“ AWS S3 Bucket Server Access Logging is not enabled 🟒1🟒 x6
πŸ“ AWS VPC Flow Logs are not enabled 🟒1🟠 x1, 🟒 x5
πŸ“ Azure Diagnostic Setting for Azure Key Vault is not enabled 🟒🟒 x3
πŸ“ Azure PostgreSQL Flexible Server log_checkpoints Parameter is not set to ON 🟒1🟒 x6
πŸ“ Azure PostgreSQL Flexible Server log_retention_days Parameter is less than 4 days 🟒1🟒 x6
πŸ“ Azure PostgreSQL Single Server log_connections Parameter is not set to ON 🟒1🟒 x6
πŸ“ Azure PostgreSQL Single Server log_disconnections Parameter is not set to ON 🟒1🟒 x6
πŸ“ Azure SQL Server Auditing Retention is less than 90 days 🟒1🟒 x6
πŸ“ Azure Storage Blob Logging is not enabled for Read, Write, and Delete requests 🟒1🟒 x6
πŸ“ Azure Storage Queue Logging is not enabled for Read, Write, and Delete requests 🟒1🟒 x6
πŸ“ Azure Subscription Activity Log Alert for Create or Update Network Security Group does not exist 🟒1🟒 x6
πŸ“ Azure Subscription Activity Log Alert for Create or Update Security Solution does not exist 🟒1🟒 x6
πŸ“ Azure Subscription Activity Log Alert for Create Policy Assignment does not exist 🟒1🟒 x6
πŸ“ Azure Subscription Activity Log Alert for Delete Network Security Group does not exist 🟒1🟒 x6
πŸ“ Azure Subscription Activity Log Alert for Delete Policy Assignment does not exist 🟒1🟒 x6
πŸ“ Azure Subscription Activity Log Alert for Delete Security Solution does not exist 🟒1🟒 x6
πŸ“ Azure Subscription Security Alert Notifications additional email address is not configured 🟒1🟒 x6
πŸ“ Azure Subscription Security Alert Notifications to subscription owners are not configured 🟒1🟒 x6
πŸ“ Microsoft Defender For Cloud Integration With Microsoft Defender For Cloud Apps is not enabled 🟒1🟒 x6