RS.CO-03: Information is shared with designated internal and external stakeholders
Ex1: Securely share information consistent with response plans and information sharing agreements
Ex2: Voluntarily share information about an attacker’s observed TTPs, with all sensitive data removed, with an Information Sharing and Analysis Center (ISAC)
Ex3: Notify HR when malicious insider activity occurs
Ex4: Regularly update senior leadership on the status of major incidents
Ex5: Follow the rules and protocols defined in contracts for incident information sharing between the organization and its suppliers
Ex6: Coordinate crisis communication methods between the organization and its critical suppliers
Tier
Description
Information is shared with designated internal and external stakeholders