RS.MA-01.309

Does your organization have a formal agreement with an external incident response provider that can be engaged when needed?

Explanation

This question assesses whether your organization has established a relationship with an external incident response service provider that can be called upon during security incidents that exceed internal capabilities. Having a pre-established relationship with incident response specialists ensures rapid access to expertise during critical security events, potentially reducing the impact and recovery time of incidents. Evidence could include a signed service level agreement (SLA) or contract with an incident response provider, documentation showing the process for requesting external assistance, and contact information for the provider's incident response team.

Implementation Example

Request incident response assistance from the organization's incident response outsourcer

ID: RS.MA-01.309

Context

Function: RS: RESPOND
Category: RS.MA: Incident Management
Sub-Category: The incident response plan is executed in coordination with relevant third parties once an incident is declared

ResponseHub is the product I wish I had when I was a CTO

Previously I was co-founder and CTO of Progression, a VC backed HR-tech startup used by some of the biggest names in tech.

As our sales grew, security questionnaires quickly became one of my biggest pain-points. They were confusing, hard to delegate and arrived like London busses - 3 at a time!

I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.

Neil Cameron

Founder, ResponseHub