RS.MA-02.313

Does your organization have documented criteria for estimating the severity of security incidents?

Explanation

Established severity criteria help organizations consistently evaluate and prioritize security incidents based on factors like impact to systems, data sensitivity, and business operations. Without clear criteria, incident response may be inconsistent, leading to improper resource allocation or delayed response to critical incidents. Evidence could include a documented incident severity matrix or scoring system that defines different severity levels (e.g., critical, high, medium, low) with specific criteria for each level, such as number of affected systems, type of data compromised, or operational impact thresholds.

Implementation Example

Apply criteria to estimate the severity of an incident

ID: RS.MA-02.313

Context

Function: RS: RESPOND
Category: RS.MA: Incident Management
Sub-Category: Incident reports are triaged and validated

ResponseHub is the product I wish I had when I was a CTO

Previously I was co-founder and CTO of Progression, a VC backed HR-tech startup used by some of the biggest names in tech.

As our sales grew, security questionnaires quickly became one of my biggest pain-points. They were confusing, hard to delegate and arrived like London busses - 3 at a time!

I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.

Neil Cameron

Founder, ResponseHub