History
- Priority
- must
- Nov 2018
- Removed
- Removed due to a merge of relevant content into security control 0043.
- 2017
- Agencies must include, as a minimum, the following content in their IRP:• broad guidelines on what constitutes a cyber security incident• the minimum level of cyber security incident response and investigation training for usersand system administrators• the authority responsible for initiating investigations of a cyber security incident• the steps necessary to ensure the integrity of evidence supporting a cyber security incident• the steps necessary to ensure that critical systems remain operational• how to formally report cyber security incidents.
- 2015
- Agencies must include, as a minimum, the following content in their IRP:• broad guidelines on what constitutes a cyber security incident• the minimum level of cyber security incident response and investigation training for usersand system administrators• the authority responsible for initiating investigations of a cyber security incident• the steps necessary to ensure the integrity of evidence supporting a cyber security incident• the steps necessary to ensure that critical systems remain operational• how to formally report cyber security incidents.
- 2010
- Agencies must include, as a minimum, the following content in their IRP:• broad guidelines on what constitutes a cyber security incident• the minimum level of cyber security incident response and investigation training for system usersand system administrators• the authority responsible for initiating investigations of a cyber security incident• the steps necessary to ensure the integrity of evidence supporting a cyber security incident• the steps necessary to ensure that critical systems remain operational• how to formally report cyber security incidents.
- 2008
- Agencies must include, as a minimum, the following content within their IRP: a. broad guidelines on what constitutes an ICT security incident b. the minimum level of ICT security incident response and investigation training for system users and system administrators c. the authority responsible for initiating investigations of an ICT security incident d. the steps necessary to ensure the integrity of evidence supporting an ICT security breach e. the steps necessary to ensure that critical systems remain operational f. how to formally report ICT security incidents.