NIST 800-171 · 3.6 Incident Response

3.6.1 Establish an incident-handling capability

Establish an operational incident-handling capability including preparation, detection, analysis, containment, recovery and user response.

Mapped across 13 provisions

Equivalent and related requirements in other frameworks and regulations.

DORAPartialCurated
Art. 17 ICT-related incident management process
Réponse aux incidents et notification des violations
DORAPartialCurated
Art. 19 Reporting of major ICT-related incidents
Réponse aux incidents et notification des violations
GDPRRelatedCurated
Art. 33 Notification of a personal data breach to the supervisory authority
Réponse aux incidents et notification des violations
GLBAPartialCurated
§314.4(h) Incident response plan
Réponse aux incidents et notification des violations
HIPAAPartialCurated
§164.308(a)(6) Security incident procedures
Réponse aux incidents et notification des violations
HIPAARelatedCurated
§164.404 Notification to individuals
Réponse aux incidents et notification des violations
ISO 27001PartialCurated
A.5.24 Information security incident management planning and preparation
Réponse aux incidents et notification des violations
ISO 27001PartialCurated
A.5.26 Response to information security incidents
Réponse aux incidents et notification des violations
LGPDRelatedCurated
Art. 48 Communication of a security incident
Réponse aux incidents et notification des violations
NIS2PartialCurated
Art. 21(2)(b) Incident handling
Réponse aux incidents et notification des violations
NIS2PartialCurated
Art. 23 Reporting obligations
Réponse aux incidents et notification des violations
NIST 800-53PartialCurated
IR-4 Incident handling
Réponse aux incidents et notification des violations
NIST 800-53PartialCurated
IR-6 Incident reporting
Réponse aux incidents et notification des violations

← All NIST 800-171 requirements