IR-06 Incident Reporting

a. Require personnel to report suspected incidents to the organizational incident response capability within ir-06_odp.01 ; and

b. Report incident information to ir-06_odp.02.

Parameter ID Definition
ir-06_odp.01 time period
ir-06_odp.02 authorities



The types of incidents reported, the content and timeliness of the reports, and the designated reporting authorities reflect applicable laws, executive orders, directives, regulations, policies, standards, and guidelines. Incident information can inform risk assessments, control effectiveness assessments, security requirements for acquisitions, and selection criteria for technology products.

References 4

Control Enhancements 3

Related controls 6