History
- Priority
- must
- Nov 2018
- Removed
- Removed due to duplication of intent of security control 0043.
- 2017
- Agencies must treat any data spill as a cyber security incident and follow the IRP to manage it.
- 2015
- Agencies must treat any data spill as a cyber security incident and follow the IRP to manage it.
- 2010
- Agencies must treat any data spill as a cyber security incident and follow the IRP to deal with it.
- 2008
- Agencies must treat any data spill as an ICT security incident and follow the incident response plan to deal with it.