IRO-12.3 ยท Post-Sensitive / Regulated Data Spill Operations

Control Description

Mechanisms exist to ensure that organizational personnel impacted by sensitive/regulated data spills can continue to carry out assigned tasks while contaminated Technology Assets, Applications and/or Services (TAAS) are undergoing corrective actions.

Control Question
Assessment question for control validation

Does the organization ensure that organizational personnel impacted by sensitive/regulated data spills can continue to carry out assigned tasks while contaminated Technology Assets, Applications and/or Services (TAAS) are undergoing corrective actions?

Control Weighting
8
Validation Cadence
Annual
NIST CSF Function
Respond
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 2 - Operational
Tier 3 - Tactical
Additional Metadata
Applicability (Process):
x
Errata & Additional Notes

- wordsmithed control