NIST 800-53 · IR — Incident Response
IR-4 Incident handling
Implement an incident-handling capability covering preparation, detection, analysis, containment, eradication and recovery.
Mapped across 13 provisions
Equivalent and related requirements in other frameworks and regulations.
- HIPAAEquivalentOfficial mapping
Source: HIPAA Security Rule / NIST SP 800-53 Rev. 5
§164.308(a)(6) Security incident proceduresIncident response & breach notification
- ISO 27001PartialOfficial mapping
Source: NIST SP 800-53 Rev. 5 / ISO/IEC 27001
A.5.24 Information security incident management planning and preparationIncident response & breach notification
- DORAPartialCuratedArt. 17 ICT-related incident management process
Incident response & breach notification
- DORAPartialCuratedArt. 19 Reporting of major ICT-related incidents
Incident response & breach notification
- GDPRRelatedCuratedArt. 33 Notification of a personal data breach to the supervisory authority
Incident response & breach notification
- GLBAPartialCurated§314.4(h) Incident response plan
Incident response & breach notification
- HIPAARelatedCurated§164.404 Notification to individuals
Incident response & breach notification
- ISO 27001PartialCuratedA.5.26 Response to information security incidents
Incident response & breach notification
- LGPDRelatedCuratedArt. 48 Communication of a security incident
Incident response & breach notification
- NIS2PartialCuratedArt. 21(2)(b) Incident handling
Incident response & breach notification
- NIS2PartialCuratedArt. 23 Reporting obligations
Incident response & breach notification
- NIST 800-171PartialCurated3.6.1 Establish an incident-handling capability
Incident response & breach notification
- NIST 800-53PartialCuratedIR-6 Incident reporting
Incident response & breach notification