IR-04.1: Automated Incident Handling Processes

IR-04.1 · Automated Incident Handling Processes

Control Description

Support the incident handling process using {{ insert: param, ir-04.01_odp }}.

Impact Baselines

Security baselines where this control applies

Not in any baseline

Control Properties

SP800-53-enhancement

organization

Enhancement

Control Statement

The control requirements

Support the incident handling process using {{ insert: param, ir-04.01_odp }}.

Supplemental Guidance

Automated mechanisms that support incident handling processes include online incident management systems and tools that support the collection of live response data, full network packet capture, and forensic analysis.