Purpose: Mitigate risk to the reliable operation of the BES as the result of a Cyber Security Incident by specifying incident response requirements.
- Documenting and maintain a Cyber Security Incident response plan
- Determining Cyber Security Incident types and report-ability
- Maintaining updated personnel information and roles for Cyber Security Incident responses
- Developing and maintaining evidence of processes or procedures that address incident response handling
- Testing each Cyber Security Incident response plan and maintaining evidence
- Recording deviations from Cyber Security Incident response plan
Retaining records related to Reportable Cyber Security Incidents
- Provides central repository of all compliance evidence
- Retains audit history of periodic training and records
- Provides alerts and workflows required to manage the process.
- Centralized policy enforcement
- Ready compliance evidence
- Audit history of periodic training and records
- Personnel/Group and team management that supports the creation of Incident Response Teams
- Reminders and workflows of actions triggered to support this process