FedRAMP Control Explorer

IR-6 Incident Reporting

Control

a. Require personnel to report suspected incidents to the organizational incident response capability within [US-CERT incident reporting timelines as specified in NIST Special Publication 800-61 (as amended)]; and
b. Report incident information to [Assignment: organization-defined authorities].
Requirement:
Reports security incident information according to FedRAMP Incident Communications Procedure.

Discussion

The types of incidents reported, the content and timeliness of the reports, and the designated reporting authorities reflect applicable laws, executive orders, directives, regulations, policies, standards, and guidelines. Incident information can inform risk assessments, control effectiveness assessments, security requirements for acquisitions, and selection criteria for technology products.

FedRAMP-Defined Assignment / Selection Parameters