ID.IM-04: Incident response plans and other cybersecurity plans that affect operations are established, communicated, maintained, and improved
Ex1: Establish contingency plans (e.g., incident response, business continuity, disaster recovery) for responding to and recovering from adverse events that can interfere with operations, expose confidential information, or otherwise endanger the organization’s mission and viability
Ex2: Include contact and communication information, processes for handling common scenarios, and criteria for prioritization, escalation, and elevation in all contingency plans
Ex3: Create a vulnerability management plan to identify and assess all types of vulnerabilities and to prioritize, test, and implement risk responses
Ex4: Communicate cybersecurity plans (including updates) to those responsible for carrying them out and to affected parties
Ex5: Review and update all cybersecurity plans annually or when a need for significant improvements is identified
Tier
Description
Incident response plans and other cybersecurity plans that affect operations are established, communicated, maintained, and improved