💼 IR-6 Incident Reporting

• Contextual name: 💼 IR-6 Incident Reporting
• ID: /frameworks/nist-sp-800-53-r5/ir/06
• Located in: 💼 IR Incident Response

Description

a. Require personnel to report suspected incidents to the organizational incident response capability within [Assignment: organization-defined time period]; and b. Report incident information to [Assignment: organization-defined authorities].

Similar

• Internal
  • ID: dec-c-cd711b7c

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 FedRAMP High Security Controls → 💼 IR-6 Incident Reporting (L)(M)(H)	2	10	12
💼 FedRAMP Low Security Controls → 💼 IR-6 Incident Reporting (L)(M)(H)
💼 NIST CSF v2.0 → 💼 RC.CO-03: Recovery activities and progress in restoring operational capabilities are communicated to designated internal and external stakeholders
💼 NIST CSF v2.0 → 💼 RS.AN-06: Actions performed during an investigation are recorded, and the records' integrity and provenance are preserved
💼 NIST CSF v2.0 → 💼 RS.AN-07: Incident data and metadata are collected, and their integrity and provenance are preserved
💼 NIST CSF v2.0 → 💼 RS.AN-08: An incident's magnitude is estimated and validated
💼 NIST CSF v2.0 → 💼 RS.CO-02: Internal and external stakeholders are notified of incidents			30
💼 NIST CSF v2.0 → 💼 RS.CO-03: Information is shared with designated internal and external stakeholders			17
💼 NIST CSF v2.0 → 💼 RS.MA-01: The incident response plan is executed in coordination with relevant third parties once an incident is declared
💼 NIST CSF v2.0 → 💼 RS.MA-02: Incident reports are triaged and validated			22
💼 NIST CSF v2.0 → 💼 RS.MA-03: Incidents are categorized and prioritized
💼 NIST CSF v2.0 → 💼 RS.MA-04: Incidents are escalated or elevated as needed

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 IR-6(1) Incident Reporting _ Automated Reporting
💼 IR-6(2) Incident Reporting _ Vulnerabilities Related to Incidents
💼 IR-6(3) Incident Reporting _ Supply Chain Coordination