IR-06 Incident Reporting

Incident Response

Baselines: Low, Moderate, High, Privacy

Description

The organization promptly reports incident information to appropriate authorities.

Supplemental Guidance

The types of incident information reported, the content and timeliness of the reports, and the list of designated reporting authorities or organizations are consistent with applicable laws, Executive Orders, directives, policies, regulations, standards, and guidance. Organizational officials report cyber security incidents to the United States Computer Emergency Readiness Team (US-CERT) at http://www.us-cert.gov within the specified timeframe designated in the US-CERT Concept of Operations for Federal Cyber Security Incident Handling. In addition to incident information, weaknesses and vulnerabilities in the information system are reported to appropriate organizational officials in a timely manner to prevent security incidents. NIST Special Publication 800-61 provides guidance on incident reporting.

Changes from Rev 4

Control text eliminates 'information system security' incidents. Discussion significantly revised.

Enhancements

(1) The organization employs automated mechanisms to assist in the reporting of security incidents.

Compliance Mappings

ISO 27001:2022

A.5.25, A.5.26, A.5.27, A.5.5, A.6.8

ISO 27002:2022

5.25, 5.26, 5.5, 6.8

COBIT 2019

DSS02

CIS Controls v8

CIS 17, CIS 17.2, CIS 17.3, CIS 17.6

NIST CSF 2.0

DE.AE-06, DE.AE-08, GV.RM-05, RC.CO-03, RC.CO-04, RS.CO-02, RS.CO-03, RS.MA-01, RS.MA-04

SOC 2 TSC

CC2.3, CC2.3-POF1, CC7.4, CC7.4-POF13, CC7.4-POF6

PCI DSS v4.0.1

10.7, 12.10

CSA CCM v4

BCR-07, CEK-19, DSP-18, SEF-07, SEF-08

CSA AICM v1

BCR-07, CEK-19, DSP-18, SEF-07, SEF-08, SEF-09

FINOS CCC

CCC-C15

ISO 42001:2023

A.3.3, A.8.3, A.8.4

NIS2 Directive

Art. 21(2)(b), Art. 23, Art. 29

PRA Operational Resilience

SS1/21-8.1, SS2/21-15.1

APRA CPS 234

Para 25, Para 26

BSI IT-Grundschutz

DER.2.1

ANSSI

Hygiene.40, SecNumCloud.17.1

FINMA Circular 2023/1

IV.A(44), IV.A(45), IV.A(46), IV.B.a(47), IV.D(73), IV.D(74)

OSFI B-13

B-13.1.4, B-13.2.5, B-13.3.4

EU GDPR

Art.33(1), Art.33(2), Art.34(1), Art.34(3)

EU DORA

Art.11(7), Art.14, Art.19(1), Art.19(4), Art.20(1)

BIO2

5.25, 5.26, 5.5, 6.8

RBI CSF

Annex1.19, ITGRCA.27

FISC Security Guidelines

FISC.O4

LGPD + BCB 4893

BCB.Art.5, BCB.Art.8, LGPD.Art.48, LGPD.Art.49

HKMA TM-E-1

TME1.5.4, TME1.7.5

MLPS 2.0

8.1.10.10, 8.1.5.4

DNB Good Practice

DNB.15.2

EU CRA

CRA.Art14, CRA.II.4, CRA.II.5

SWIFT CSCF

SWIFT.7.1

SAMA CSF

2.23.6

NCA ECC

2-13

UAE IA

T11

CBB TM

TM-13, TM-16

Qatar NIA

IM

CBUAE

CR-9

CBE CSF

CD-2

SA JS2

JS2-7.4, JS2-9

CBN CSF

Part3.6

BoG CISD

CISD-COMP, CISD-VII

POPIA

s22, s73-99

BoM CTRM

5.1

IOSCO Cyber Resilience

LE-1, RR-1, RR-4, SA-2

CPMI-IOSCO PFMI

CG.RR, PFMI.P17

FFIEC IS

III.C, III.D

NYDFS 500

500.16, 500.17

HIPAA Security Rule

§164.308(a)(6)(i), §164.308(a)(6)(ii)

ECB CROE

CROE.2.5.1, CROE.2.5.3, CROE.2.7.2

EBA ICT Guidelines

3.5(d), 3.7.5, 3.8(d)

SEBI CSCRF

RC.CO, RS.CO

BOT Cyber Resilience

Ch4.1

CMMC 2.0

IR

NERC CIP

CIP-008-6

10 CFR 73.54

RG5.71-B-CP

TSA Pipeline SD

SD-1 Sec 2

DOE C2M2 v2.1

RESPONSE

API 1164

Sec 10

AWIA

AWWA Sec 6

IAEA NSS 17-T

Sec 7

TIBER-EU

TIBER.BT

PCI HSM

10

ISAE 3402

Clause 10

Solvency II

EIOPA-ICT-4.9

Lloyd's Minimum Standards

CRM.3, MS8.5

NAIC Insurance Data Security

4F-a56-a6-b

PRA SS1/23

P5.3

FCA SYSC 13

SYSC 13.4

HITRUST CSF v11

11.a, 11.b

FDA 21 CFR Part 11

§11.300(c)

FDA Cybersecurity Guidance

524B-3, CVD-1, CVD-2, INC-1, INC-3

ISO 27799

16.2, 16.3

NHS DSPT

NDG-6.1, NDG-6.2, NDG-6.3, NDG-6.4

CCSS v9.0

1.06.2, 2.04.2

MiCA

Art.62(8)

Basel SCO60

SCO60.23, SCO60.73, SCO60.82

BSSC Standards

GSP-05, GSP-08

SEC Custody (Digital Assets)

SEC-CD-11

ISO 17799 (legacy)

6.1.6, 6.2.2, 6.2.3, 13.1.1, 13.1.2

COBIT 4.1 (legacy)

DS5.6