RS.MA-01.311

Does your organization have a process to activate additional cybersecurity plans (such as business continuity and disaster recovery) during incident response when needed?

Explanation

During a security incident, organizations may need to activate additional response mechanisms beyond the standard incident response procedures. This includes business continuity plans to maintain critical operations, disaster recovery procedures to restore systems, or crisis communication plans to manage stakeholder communications. Having these plans ready for activation ensures a comprehensive response to incidents that may escalate beyond routine security events. Evidence could include documented procedures for activating supplementary plans during incidents, decision matrices that outline activation criteria, incident response playbooks showing integration with other plans, or records from tabletop exercises demonstrating how these plans work together during simulated incidents.

Implementation Example

Initiate execution of additional cybersecurity plans as needed to support incident response (for example, business continuity and disaster recovery)

ID: RS.MA-01.311

Context

Function
RS: RESPOND
Category
RS.MA: Incident Management
Sub-Category
The incident response plan is executed in coordination with relevant third parties once an incident is declared

ResponseHub is the product I wish I had when I was a CTO

Previously I was co-founder and CTO of Progression, a VC backed HR-tech startup used by some of the biggest names in tech.

As our sales grew, security questionnaires quickly became one of my biggest pain-points. They were confusing, hard to delegate and arrived like London busses - 3 at a time!

I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.

Signature
Neil Cameron
Founder, ResponseHub
Neil Cameron