IRO-02 ยท Incident Handling

Control Description

Mechanisms exist to cover: (1) Preparation; (2) Automated event detection or manual incident report intake; (3) Analysis; (4) Containment; (5) Eradication; and (6) Recovery.

Control Question
Assessment question for control validation

Does the organization cover: (1) Preparation; (2) Automated event detection or manual incident report intake; (3) Analysis; (4) Containment; (5) Eradication; and (6) Recovery?

Control Weighting
10
Validation Cadence
Annual
NIST CSF Function
Respond
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 1 - Strategic
Tier 2 - Operational
Core Control Designations
Special designations and baseline inclusions
MAD: IRO-02
ESP Level 1: IRO-02
ESP Level 2: IRO-02
ESP Level 3: IRO-02
Additional Metadata
Applicability (Process):
x