💼 RS.MA-03: Incidents are categorized and prioritized
- ID:
/frameworks/nist-csf-v2.0/rs-ma/03
Description
- Further review and categorize incidents based on the type of incident (e.g., data breach, ransomware, DDoS, account compromise)
- Prioritize incidents based on their scope, likely impact, and time-critical nature
- Select incident response strategies for active incidents by balancing the need to quickly recover from an incident with the need to observe the attacker or conduct a more thorough investigation
Similar
- Sections
/frameworks/nist-csf-v1.1/rs-an/04/frameworks/nist-csf-v1.1/rs-an/02/frameworks/nist-sp-800-53-r5/ir/04/frameworks/nist-sp-800-53-r5/ir/05/frameworks/nist-sp-800-53-r5/ir/06
Similar Sections (Take Policies From)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 NIST CSF v1.1 → 💼 RS.AN-2: The impact of the incident is understood | no data | ||||
| 💼 NIST CSF v1.1 → 💼 RS.AN-4: Incidents are categorized consistent with response plans | no data | ||||
| 💼 NIST SP 800-53 Revision 5 → 💼 IR-4 Incident Handling | 15 | 1 | no data | ||
| 💼 NIST SP 800-53 Revision 5 → 💼 IR-5 Incident Monitoring | 1 | no data | |||
| 💼 NIST SP 800-53 Revision 5 → 💼 IR-6 Incident Reporting | 3 | 1 | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (1)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ Google Organization Essential Contacts is not configured🟢 | 1 | 🟢 x6 | no data |