Incident Response (IR)
Correlate incident information and individual incident responses to achieve an organization-wide perspective on incident awareness and response.
Incident Response (IR)
Implement a configurable capability to automatically disable the system if [Assignment: organization-defined security violations] are detected.
Incident Response (IR)
Level N/A
Implement an incident handling capability for incidents involving insider threats.
Incident Response (IR)
Coordinate an incident handling capability for insider threats that includes the following organizational entities [Assignment: organization-defined entities].
Incident Response (IR)
Coordinate with [Assignment: organization-defined external organizations] to correlate and share [Assignment: organization-defined incident information] to achieve a cross-organization perspective on incident awareness and more effective incident responses.
Incident Response (IR)
Employ [Assignment: organization-defined dynamic response capabilities] to respond to incidents.
Incident Response (IR)
Coordinate incident handling activities involving supply chain events with other organizations involved in the supply chain.
Incident Response (IR)
Establish and maintain an integrated incident response team that can be deployed to any location identified by the organization in [Assignment: organization-defined time period].
Incident Response (IR)
Analyze malicious code and/or other residual artifacts remaining in the system after the incident.
Incident Response (IR)
Level N/A
Analyze anomalous or suspected adversarial behavior in or related to [Assignment: organization-defined environments or resources].
