TIBER-EU Framework for Threat Intelligence-Based Ethical Red Teaming

The ECB framework for threat intelligence-based ethical red teaming of financial entities across the EU. It defines a structured approach covering the generic threat landscape, targeted threat intelligence, red team testing on live production systems, and 360-degree closure. It has been adopted by 15+ EU member states with cross-border mutual recognition, and is complementary to the DORA Article 26 TLPT requirements.

AC Access Control

| Control | Name | TIBER-EU References |
|---|---|---|
| AC-01 | Access Control Policies and Procedures | TIBER.CONF |
| AC-03 | Access Enforcement | TIBER.CONF |
| AC-06 | Least Privilege | TIBER.CONF |

AU Audit and Accountability

| Control | Name | TIBER-EU References |
|---|---|---|
| AU-02 | Auditable Events | TIBER.BT |
| AU-06 | Audit Monitoring, Analysis, And Reporting | TIBER.BT |
| AU-12 | Audit Record Generation | TIBER.BT |
| AU-14 | Session Audit | TIBER.BT |

CA Security Assessment and Authorization

| Control | Name | TIBER-EU References |
|---|---|---|
| CA-02 | Security Assessments | TIBER.CLOSE, TIBER.REM |
| CA-05 | Plan Of Action And Milestones | TIBER.CLOSE, TIBER.REM |
| CA-07 | Continuous Monitoring | TIBER.BT, TIBER.REM |
| CA-08 | Penetration Testing | TIBER.PREP, TIBER.RT |

IR Incident Response

| Control | Name | TIBER-EU References |
|---|---|---|
| IR-01 | Incident Response Policy And Procedures | TIBER.BT |
| IR-02 | Incident Response Training | TIBER.BT |
| IR-03 | Incident Response Testing And Exercises | TIBER.BT, TIBER.CLOSE |
| IR-04 | Incident Handling | TIBER.BT, TIBER.CLOSE |
| IR-05 | Incident Monitoring | TIBER.BT, TIBER.CLOSE |
| IR-06 | Incident Reporting | TIBER.BT |
| IR-07 | Incident Response Assistance | TIBER.BT |
| IR-08 | Incident Response Plan | TIBER.BT |

MP Media Protection

| Control | Name | TIBER-EU References |
|---|---|---|
| MP-01 | Media Protection Policy And Procedures | TIBER.CONF |
| MP-06 | Media Sanitization And Disposal | TIBER.CONF |

PE Physical and Environmental Protection

| Control | Name | TIBER-EU References |
|---|---|---|
| PE-03 | Physical Access Control | TIBER.CONF |

PL Planning

| Control | Name | TIBER-EU References |
|---|---|---|
| PL-01 | Security Planning Policy And Procedures | TIBER.PREP |
| PL-02 | System Security Plan | TIBER.PREP |
| PL-04 | Rules Of Behavior | TIBER.CONF, TIBER.PREP |

PM Program Management

| Control | Name | TIBER-EU References |
|---|---|---|
| PM-01 | Information Security Program Plan | TIBER.PREP |
| PM-02 | Information Security Program Leadership Role | TIBER.PREP |
| PM-04 | Plan of Action and Milestones Process | TIBER.CLOSE, TIBER.REM |
| PM-06 | Measures of Performance | TIBER.CLOSE, TIBER.REM |
| PM-08 | Critical Infrastructure Plan | TIBER.XB |
| PM-09 | Risk Management Strategy | TIBER.CONF, TIBER.PREP |
| PM-14 | Testing, Training, and Monitoring | TIBER.BT, TIBER.CLOSE, TIBER.PREP, TIBER.RT |
| PM-15 | Security and Privacy Groups and Associations | TIBER.GTL, TIBER.XB |
| PM-16 | Threat Awareness Program | TIBER.GTL, TIBER.TTI |
| PM-28 | Risk Framing | TIBER.CONF, TIBER.PREP |
| PM-29 | Risk Management Program Leadership Roles | TIBER.PREP |
| PM-31 | Continuous Monitoring Strategy | TIBER.CLOSE, TIBER.REM |

PT Personally Identifiable Information Processing and Transparency

| Control | Name | TIBER-EU References |
|---|---|---|
| PT-01 | Policy and Procedures | TIBER.CONF |
| PT-03 | Personally Identifiable Information Processing Purposes | TIBER.CONF |

RA Risk Assessment

| Control | Name | TIBER-EU References |
|---|---|---|
| RA-03 | Risk Assessment | TIBER.GTL, TIBER.TTI |
| RA-05 | Vulnerability Scanning | TIBER.GTL, TIBER.RT, TIBER.TTI |
| RA-06 | Technical Surveillance Countermeasures Survey | TIBER.RT |
| RA-07 | Risk Response | TIBER.CONF, TIBER.REM |
| RA-10 | Threat Hunting | TIBER.RT, TIBER.TTI |

SA System and Services Acquisition

| Control | Name | TIBER-EU References |
|---|---|---|
| SA-04 | Acquisitions | TIBER.PROV |
| SA-09 | External Information System Services | TIBER.PROV |
| SA-21 | Developer Screening | TIBER.PROV |

SC System and Communications Protection

| Control | Name | TIBER-EU References |
|---|---|---|
| SC-08 | Transmission Integrity | TIBER.CONF |
| SC-26 | Decoys | TIBER.RT |
| SC-28 | Protection of Information at Rest | TIBER.CONF |
| SC-35 | External Malicious Code Identification | TIBER.RT |

SI System and Information Integrity

| Control | Name | TIBER-EU References |
|---|---|---|
| SI-02 | Flaw Remediation | TIBER.REM |
| SI-04 | Information System Monitoring Tools And Techniques | TIBER.BT |
| SI-05 | Security Alerts And Advisories | TIBER.GTL, TIBER.TTI |
| SI-12 | Information Output Handling And Retention | TIBER.CONF |

SR Supply Chain Risk Management

| Control | Name | TIBER-EU References |
|---|---|---|
| SR-01 | Policy and Procedures | TIBER.PROV |
| SR-02 | Supply Chain Risk Management Plan | TIBER.PROV |
| SR-06 | Supplier Assessments and Reviews | TIBER.PROV |
| SR-08 | Notification Agreements | TIBER.GTL |