IR-06 Incident Reporting

Incident Response

Low Moderate High Privacy

Description

The organization promptly reports incident information to appropriate authorities.

Supplemental Guidance

The types of incident information reported, the content and timeliness of the reports, and the list of designated reporting authorities or organizations are consistent with applicable laws, Executive Orders, directives, policies, regulations, standards, and guidance. Organizational officials report cyber security incidents to the United States Computer Emergency Readiness Team (US-CERT) at http://www.us-cert.gov within the specified timeframe designated in the US-CERT Concept of Operations for Federal Cyber Security Incident Handling. In addition to incident information, weaknesses and vulnerabilities in the information system are reported to appropriate organizational officials in a timely manner to prevent security incidents. NIST Special Publication 800-61 provides guidance on incident reporting.

Changes from Rev 4

Control text eliminates 'information system security' incidents.
Discussion significantly revised.

Enhancements

(1) The organization employs automated mechanisms to assist in the reporting of security incidents.

Compliance Mappings

ISO 27002:2022

5.5, 6.8

COBIT 2019

DSS02.07, EDM05.02

CIS Controls v8

17.2

NIST CSF 2.0

DE.AE-06, RS, RS.CO, RS.CO-02, RS.CO-03, RS.MA-01

SOC 2 TSC

CC2.2-POF4, CC2.2-POF6, CC2.3, CC2.3-POF1, CC2.3-POF8, CC3.1-POF10, CC7.3-POF2, CC7.4, CC7.4-POF13, CC7.4-POF6, CC7.4-POF9, CC7.5-POF2, P6.3, P6.7

ISO 17799 (legacy)

6.1.6, 6.2.2, 6.2.3, 13.1.1, 13.1.2

COBIT 4.1 (legacy)

DS5.6