💼 RS.MA-03: Incidents are categorized and prioritized
- Contextual name: 💼 RS.MA-03: Incidents are categorized and prioritized
- ID:
/frameworks/nist-csf-v2.0/rs-ma/03 - Located in: 💼 Incident Management (RS.MA)
Description
- Further review and categorize incidents based on the type of incident (e.g., data breach, ransomware, DDoS, account compromise)
- Prioritize incidents based on their scope, likely impact, and time-critical nature
- Select incident response strategies for active incidents by balancing the need to quickly recover from an incident with the need to observe the attacker or conduct a more thorough investigation
Similar
- Sections
/frameworks/nist-csf-v1.1/rs-an/04/frameworks/nist-csf-v1.1/rs-an/02/frameworks/nist-sp-800-53-r5/ir/04/frameworks/nist-sp-800-53-r5/ir/05/frameworks/nist-sp-800-53-r5/ir/06
Similar Sections (Take Policies From)
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 NIST CSF v1.1 → 💼 RS.AN-2: The impact of the incident is understood | ||||
| 💼 NIST CSF v1.1 → 💼 RS.AN-4: Incidents are categorized consistent with response plans | ||||
| 💼 NIST SP 800-53 Revision 5 → 💼 IR-4 Incident Handling | 15 | |||
| 💼 NIST SP 800-53 Revision 5 → 💼 IR-5 Incident Monitoring | 1 | |||
| 💼 NIST SP 800-53 Revision 5 → 💼 IR-6 Incident Reporting | 3 | 1 |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (1)
| Policy | Logic Count | Flags |
|---|---|---|
| 📝 Google Organization Essential Contacts is not configured 🟢 | 1 | 🟢 x6 |