SAMMY UI is optimized for resolutions with a width 1024px and higher.
NIS2
Browse NIS2
RS.MA: Incident Management RS.CO: Incident Response Reporting and Communication
Stakeholder Incident Notification
RS.CO-02: Internal and external stakeholders are informed of incidents.
  • 1. In accordance with the incident management plan referred to in measure RS.MA-01, procedures are documented and adopted to communicate without undue delay, if deemed appropriate and whenever possible, after consulting CSIRT Italy, or if requested by the National Cybersecurity Agency pursuant to Article 37, paragraph 3, letters g) and h) of the NIS decree: a) to recipients of their services, significant incidents that may adversely affect the provision of such services; b) to recipients of services who are potentially affected by a significant cyber threat, the corrective or mitigating measures or actions that such recipients can take in response to such a threat and the nature of such threat.
  • 2. Procedures are documented and adopted to inform the public about incidents that have occurred, if requested by the National Cybersecurity Agency pursuant to Article 37, paragraph 3, letter i) of the NIS decree.
Requirement Covered
Not Applicable - Not applicable
No - The requirement(s) have not been meaningfully implemented.
Partial - Not all requirement(s) have been meaningfully implemented.
Yes - There is an organization-wide approach to managing cybersecurity risks that uses risk-informed policies, processes, and procedures to address potential cybersecurity events.
Description

Internal and external stakeholders are informed of incidents.