RC.CO-03.361
Has your organization established a formal process for coordinating crisis communication with critical suppliers during security incidents?
Explanation
This question assesses whether your organization has established clear protocols for communicating with critical suppliers during cybersecurity incidents or crises. Effective crisis communication with suppliers is essential to coordinate response efforts, minimize disruption to the supply chain, and ensure all parties have accurate information to make informed decisions during an incident. Evidence could include a documented crisis communication plan that specifically addresses supplier coordination, contact lists for key supplier personnel, templates for supplier notifications, and records of crisis communication drills or exercises conducted with critical suppliers.
Implementation Example
Coordinate crisis communication between the organization and its critical suppliers
ID: RC.CO-03.361
Context
- Function
- RC: RECOVER
- Category
- RC.CO: Incident Recovery Communication
- Sub-Category
- Recovery activities and progress in restoring operational capabilities are communicated to designated internal and external stakeholders
