IRO-01
Incident Response Operations
Description
Mechanisms exist to implement and govern processes and documentation to facilitate an organization-wide response capability for cybersecurity and data protection-related incidents.
Control Question
Does the organization implement and govern processes and documentation to facilitate an organization-wide response capability for cybersecurity and data protection-related incidents?
Control Metadata
Domain:
Incident Response
Validation Cadence:
Annual
Evidence Request List:
E-IRO-01
Framework Mappings
This control maps to the following compliance frameworks
APRA CPS 230
32
APRA CPS234
2324
MAS TRM
7.7.17.7.27.7.3(a)7.7.3(b)7.7.3(c)7.7.47.7.57.7.67.7.7
HKIA GL20
4.14.24.35.15.25.35.45.55.65.76.16.2