IRO-07
Integrated Security Incident Response Team (ISIRT)
Description
Mechanisms exist to establish an integrated team of cybersecurity, IT and business function representatives that are capable of addressing cybersecurity and data protection incident response operations.
Control Question
Does the organization establish an integrated team of cybersecurity, IT and business function representatives that are capable of addressing cybersecurity and data protection incident response operations?
Control Metadata
Domain:
Incident Response
Validation Cadence:
Annual
Evidence Request List:
E-IRO-01 E-IRO-09
Framework Mappings
This control maps to the following compliance frameworks
APRA CPS234
232425(a)25(b)
MAS TRM
7.7.5
HKIA GL20
4.14.24.35.15.25.35.45.55.65.76.16.2