IR-5

  • Requirement

    Track and document incidents.

  • Discussion

    Documenting incidents includes maintaining records about each incident, the status of the incident, and other pertinent information necessary for forensics as well as evaluating incident details, trends, and handling. Incident information can be obtained from a variety of sources, including network monitoring, incident reports, incident response teams, user complaints, supply chain partners, audit monitoring, physical access monitoring, and user and administrator reports. IR-4 provides information on the types of incidents that are appropriate for monitoring.

More Info

  • Title

    Incident Monitoring
  • Family

    Incident Response
  • NIST 800-53B Baseline(s)

    • Low
    • Moderate
    • High
    • Privacy
  • Related NIST 800-53 ID

    AU-6;AU-7;IR-4;IR-6;IR-8;PE-6;PM-5;SC-5;SC-7;SI-3;SI-4;SI-7

NIST 800-53A Assessment Guidance

CMMC Training

Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!