| Trustmark Definition Name | Version |
|---|---|
|
Defines conformance and assessment criteria for compliance with minimum security requirements for incident response plan communication of changes as related to overall incident response requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for incident response plan Defines reportable incidents as related to overall incident response requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for incident response plan distribution as related to overall incident response requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for incident response plan metrics as related to overall incident response requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for incident response plan organizational requirements as related to overall incident response requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for incident response plan protection as related to overall incident response requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for incident response plan resources as related to overall incident response requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for incident response plan review and approval as related to overall incident response requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for incident response plan roadmap as related to overall incident response requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for incident response plan structure as related to overall incident response requirements.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for incident response plan updates as related to overall incident response requirements.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization tests the incident response capability for the information system at an organization-defined frequency to determine the incident response effectiveness.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization documents the results of its incident response testing.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs automated mechanisms to more thoroughly and effectively test the incident response capability.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization coordinates incident response testing with organizational elements responsible for related plans.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization's incident response training addresses individuals' actions.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization's incident response training addresses points of contact.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs automated mechanisms to provide a more thorough and realistic incident response training environment.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization incorporates simulated events into incident response training.
|
1.0 |
|
Specifies requirements in accordance with the DHS CISA Secure-by-Design Pledge, published by the U.S. Dept of Homeland Security (DHS) Cybersecurity and Infrastructure Agency (CISA). Requires an organization to include accurate common weakness enumeration (CWE) and common platform enumeration (CPE) fields in every common vulnerability and exposure (CVE) record that it publishes about its products and services.
|
1.0 |
|
Addresses the requirement for the organizations to use independent auditors for PKI compliance audits.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for indication of use of collaborative computing devices as related to overall system and communications protection requirements.
|
1.0 |
|
Addresses the requirement for the individual personnel shall be specifically designated to one of the four PKI trusted roles: Administrative, Officer, Auditor or Operator.
|
1.0 |
|
Specifies that a health care related organization must have policies for granting access to electronic protected health information.
|
1.0 |
|
Specifies that a health care related organization must implement procedures for granting access to electronic protected health information.
|
1.0 |
