Created
September 6, 2022 22:52
-
-
Save opexxx/d79c7d2ffe02dc4bcff31bce06a46684 to your computer and use it in GitHub Desktop.
Respond: Self-scoring worksheet
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Response Planning | |
| RS.RP-1: Response plan is executed during or after an incident | |
| Communications | |
| RS.CO-1: Personnel know their roles and order of operations when a response is needed | |
| RS.CO-2: Incidents are reported consistent with established criteria | |
| RS.CO-3: Information is shared consistent with response plans | |
| RS.CO-4: Coordination with stakeholders occurs consistent with response plans | |
| RS.CO-5: Voluntary information sharing occurs with external stakeholders to achieve broader cybersecurity situational awareness | |
| Analysis | |
| RS.AN-1: Notifications from detection systems are investigated | |
| RS.AN-2: The impact of the incident is understood | |
| RS.AN-3: Forensics are performed | |
| RS.AN-4: Incidents are categorized consistent with response plans | |
| RS.AN-5: Processes are established to receive, analyze and respond to vulnerabilities disclosed to the organization from internal and external sources (e.g. internal testing, security bulletins, or security researchers) | |
| Mitigation | |
| RS.MI-1: Incidents are contained | |
| RS.MI-2: Incidents are mitigated | |
| RS.MI-3: Newly identified vulnerabilities are mitigated or documented as accepted risks | |
| Improvements | |
| RS.IM-1: Response plans incorporate lessons learned | |
| RS.IM-2: Response strategies are updated |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment