RS.CO-04

Does your organization coordinate incident response activities with all relevant stakeholders in accordance with your documented incident response plan?

Explanation

Effective incident response requires timely communication and coordination with appropriate stakeholders such as executive leadership, legal counsel, IT teams, affected business units, customers, and potentially regulatory bodies or law enforcement. This coordination should follow predefined protocols established in your incident response plan to ensure consistent handling of incidents and appropriate information sharing based on stakeholder roles and responsibilities. Evidence of fulfillment could include documentation of stakeholder communication templates, incident response playbooks showing communication workflows, records of past incident communications, or after-action reports demonstrating how stakeholder coordination occurred during actual incidents.

Context

Function: RS: RESPOND
Category: RS.CO: Incident Response Reporting and Communication
Sub-Category: Coordination with stakeholders occurs consistent with response plans

ResponseHub is the product I wish I had when I was a CTO

Previously I was co-founder and CTO of Progression, a VC backed HR-tech startup used by some of the biggest names in tech.

As our sales grew, security questionnaires quickly became one of my biggest pain-points. They were confusing, hard to delegate and arrived like London busses - 3 at a time!

I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.

Neil Cameron

Founder, ResponseHub