Security Incident Mgmt, E-Discovery, & Cloud Forensics
SEF domain controls.
Security Incident Management Policy and Procedures
Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for Security Incident Management, E-Discovery, and Cloud Forensics.
Service Management Policy and Procedures
Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for the timely management of security incidents.
Incident Response Plans
Establish, document, approve, communicate, apply, evaluate and maintain a security incident response plan, which includes but is not limited to: relevant internal departments, impacted CSCs, and other business critical relationships (such as supply-chain) that may be impacted.
Incident Response Testing
Test and update as necessary incident response plans at planned intervals or upon significant organizational or environmental changes for effectiveness.
Incident Response Metrics
Establish and monitor information security incident metrics.
Event Triage Processes
Define, implement and evaluate processes, procedures and technical measures supporting business processes to triage security-related events.
Security Breach Notification
Define and implement, processes, procedures and technical measures for security breach notifications.
Points of Contact Maintenance
Maintain points of contact for applicable regulation authorities, national and local law enforcement, and other legal jurisdictional authorities.