💼 RS.CO-02: Internal and external stakeholders are notified of incidents

• ID: /frameworks/nist-csf-v2.0/rs-co/02

Description

1. Follow the organization's breach notification procedures after discovering a data breach incident, including notifying affected customers
2. Notify business partners and customers of incidents in accordance with contractual requirements
3. Notify law enforcement agencies and regulatory bodies of incidents based on criteria in the incident response plan and management approval

Similar

• Sections
  • /frameworks/nist-csf-v1.1/rs-co/02
  • /frameworks/nist-csf-v1.1/rs-co/03
  • /frameworks/nist-sp-800-53-r5/ir/04
  • /frameworks/nist-sp-800-53-r5/ir/06
  • /frameworks/nist-sp-800-53-r5/ir/07
  • /frameworks/nist-sp-800-53-r5/sr/03
  • /frameworks/nist-sp-800-53-r5/sr/08

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 NIST CSF v1.1 → 💼 RS.CO-2: Incidents are reported consistent with established criteria		19	22		no data
💼 NIST CSF v1.1 → 💼 RS.CO-3: Information is shared consistent with response plans		16	18		no data
💼 NIST SP 800-53 Revision 5 → 💼 IR-4 Incident Handling	15		1		no data
💼 NIST SP 800-53 Revision 5 → 💼 IR-6 Incident Reporting	3		1		no data
💼 NIST SP 800-53 Revision 5 → 💼 IR-7 Incident Response Assistance	2				no data
💼 NIST SP 800-53 Revision 5 → 💼 SR-3 Supply Chain Controls and Processes	3				no data
💼 NIST SP 800-53 Revision 5 → 💼 SR-8 Notification Agreements					no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (31)

Policy	Logic Count	Flags	Compliance
🛡️ AWS Account IAM Access Analyzer is not enabled for all regions🟢	1	🟢 x6	no data
🛡️ AWS CloudTrail S3 Bucket Access Logging is not enabled.🟢	1	🟢 x6	no data
🛡️ AWS KMS Symmetric CMK Rotation is not enabled🟢	1	🟢 x6	no data
🛡️ AWS S3 Bucket Server Access Logging is not enabled🟢	1	🟢 x6	no data
🛡️ AWS VPC Flow Logs are not enabled🟢	1	🟠 x1, 🟢 x5	no data
🛡️ Azure Diagnostic Setting for Azure Key Vault is not enabled🟢⚪		🟢 x2, ⚪ x1	no data
🛡️ Azure PostgreSQL Flexible Server log_checkpoints Parameter is not set to ON🟢	1	🟢 x6	no data
🛡️ Azure PostgreSQL Flexible Server log_retention_days Parameter is less than 4 days🟢	1	🟢 x6	no data
🛡️ Azure PostgreSQL Single Server log_connections Parameter is not set to ON🟢	1	🟢 x6	no data
🛡️ Azure PostgreSQL Single Server log_disconnections Parameter is not set to ON🟢	1	🟢 x6	no data
🛡️ Azure SQL Server Auditing Retention is less than 90 days🟢	1	🟢 x6	no data
🛡️ Azure Storage Blob Logging is not enabled for Read, Write, and Delete requests🟢	1	🟢 x6	no data
🛡️ Azure Storage Queue Logging is not enabled for Read, Write, and Delete requests🟢	1	🟢 x6	no data
🛡️ Azure Subscription Activity Log Alert for Create or Update Network Security Group does not exist🟢	1	🟢 x6	no data
🛡️ Azure Subscription Activity Log Alert for Create or Update Security Solution does not exist🟢	1	🟢 x6	no data
🛡️ Azure Subscription Activity Log Alert for Create Policy Assignment does not exist🟢	1	🟢 x6	no data
🛡️ Azure Subscription Activity Log Alert for Delete Network Security Group does not exist🟢	1	🟢 x6	no data
🛡️ Azure Subscription Activity Log Alert for Delete Policy Assignment does not exist🟢	1	🟢 x6	no data
🛡️ Azure Subscription Activity Log Alert for Delete Security Solution does not exist🟢	1	🟢 x6	no data
🛡️ Azure Subscription Integration With Microsoft Defender For Cloud Apps is not enabled🟢	1	🟢 x6	no data
🛡️ Azure Subscription Microsoft Defender For (Managed Instance) Azure SQL Databases is not set to On🟢	1	🟢 x6	no data
🛡️ Azure Subscription Microsoft Defender For App Services is not set to On🟢	1	🟢 x6	no data
🛡️ Azure Subscription Microsoft Defender For Containers is not set to On🟢	1	🟢 x6	no data
🛡️ Azure Subscription Microsoft Defender For Key Vault is not set to On🟢	1	🟢 x6	no data
🛡️ Azure Subscription Microsoft Defender For Servers is not set to On🟢	1	🟢 x6	no data
🛡️ Azure Subscription Microsoft Defender For SQL Servers On Machines is not set to On🟢	1	🟢 x6	no data
🛡️ Azure Subscription Microsoft Defender For Storage is not set to On🟢	1	🟢 x6	no data
🛡️ Azure Subscription Security Alert Notifications additional email address is not configured🟢	1	🟢 x6	no data
🛡️ Azure Subscription Security Alert Notifications to subscription owners are not configured🟢	1	🟢 x6	no data
🛡️ Google GCE Firewall Rule logging is disabled🟢	1	🟢 x6	no data
🛡️ Google Organization Essential Contacts is not configured🟢	1	🟢 x6	no data