| Trustmark Definition Name | Version |
|---|---|
|
Defines conformance and assessment criteria for compliance with minimum security requirements for incident handling - coordination as related to overall incident response requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for incident handling - detection as related to overall incident response requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for incident handling - eradication as related to overall incident response requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for incident handling - lessons learned as related to overall incident response requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for incident handling - preparation as related to overall incident response requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for incident handling - recovery as related to overall incident response requirements.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs automated mechanisms to support the incident handling process.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization implements a configurable capability to automatically disable the information system if organization-defined security violations are detected.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization identifies organization-defined classes of incidents and actions to take in response to classes of incidents to ensure continuation of organizational missions and business functions.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization coordinates with organization-defined external organizations to correlate and share organization-defined incident information to achieve a cross-organization perspective on incident awareness and more effective incident responses.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization includes dynamic reconfiguration of organization-defined information system components as part of the incident response capability.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs organization-defined dynamic response capabilities to effectively respond to security incidents.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization correlates incident information and individual incident responses to achieve an organization-wide perspective on incident awareness and response.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization coordinates incident handling capability for insider threats across organization-defined components or elements of the organization.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization implements incident handling capability for insider threats.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization coordinates incident handling activities involving supply chain events with other organizations involved in the supply chain.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for incident monitoring as related to overall incident response requirements.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs automated mechanisms to assist in the tracking of security incidents and in the collection and analysis of incident information.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs automated mechanisms to assist in the reporting of security incidents.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization provides security incident information to other organizations involved in the supply chain for information systems or information system components related to the incident.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization reports information system vulnerabilities associated with reported security incidents to organization-defined personnel or roles.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs automated mechanisms to increase the availability of incident response-related information and support.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization establishes a direct, cooperative relationship between its incident response capability and external providers of information system protection capability.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization identifies organizational incident response team members to external providers for which it has a direct, cooperative incident response relationship.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for incident response plan approach as related to overall incident response requirements.
|
1.0 |
