A cyber security incident register contains the following for each cyber security incident: • the date the cyber security incident occurred • the date the cyber security incident was discovered • a description of the cyber security incident • any actions taken in response to the cyber security incident • to whom the cyber security incident was reported.
Topic
Cyber security incident register
Applicable to
Non Classified, Official, Protected, Secret, Top Secret
History
Dec 2022
A cyber security incident register contains the following for each cyber security incident:
• the date the cyber security incident occurred
• the date the cyber security incident was discovered
• a description of the cyber security incident
• any actions taken in response to the cyber security incident
• to whom the cyber security incident was reported.
The existing control relating to cyber security incident registers, including their contents, was separated into two controls [ISM-0125, ISM-1803].