ID.IM-04.190

Do your contingency plans include comprehensive contact information, communication procedures, scenario handling processes, and clear criteria for prioritization, escalation, and elevation?

Explanation

Effective contingency plans must include detailed contact information for all key personnel, specific communication channels and procedures, documented processes for handling common scenarios, and clear criteria for when to prioritize, escalate or elevate issues. Without these elements, organizations risk delayed responses, miscommunication, and inconsistent handling of incidents during critical situations. Evidence of fulfillment could include a documented contingency plan template or actual plan that contains sections for: contact directories with roles and alternates, communication protocols with channels and escalation paths, scenario-based response procedures, and a decision matrix for prioritization and escalation criteria.

Implementation Example

Include contact and communication information, processes for handling common scenarios, and criteria for prioritization, escalation, and elevation in all contingency plans.

ID: ID.IM-04.190

Context

Function: ID (IDENTIFY)
Category: ID.IM (Improvement)
Sub-Category: Incident response plans and other cybersecurity plans that affect operations are established, communicated, maintained, and improved

ResponseHub is the product I wish I had when I was a CTO

Previously I was co-founder and CTO of Progression, a VC-backed HR-tech startup used by some of the biggest names in tech.

As our sales grew, security questionnaires quickly became one of my biggest pain points. They were confusing, hard to delegate and arrived like London buses - 3 at a time!

I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.

Neil Cameron
Founder, ResponseHub