Cyber Compliance

Control domain

Réponse aux incidents et notification des violations

Detecting, managing and reporting security incidents and notifying authorities or affected people.

14 requirements across 9frameworks & regulations.

ISO 27001Partial
A.5.24 Information security incident management planning and preparation
ISO 27001Partial
A.5.26 Response to information security incidents
NIST 800-53Partial
IR-4 Incident handling
NIST 800-53Partial
IR-6 Incident reporting
NIST 800-171Partial
3.6.1 Establish an incident-handling capability
GLBAPartial
§314.4(h) Incident response plan
NIS2Partial
Art. 21(2)(b) Incident handling
NIS2Partial
Art. 23 Reporting obligations
DORAPartial
Art. 17 ICT-related incident management process
DORAPartial
Art. 19 Reporting of major ICT-related incidents
HIPAAPartial
§164.308(a)(6) Security incident procedures
HIPAARelated
§164.404 Notification to individuals
GDPRRelated
Art. 33 Notification of a personal data breach to the supervisory authority
LGPDRelated
Art. 48 Communication of a security incident

← Correspondances