• Requirement

    (a) Establish a direct, cooperative relationship between its incident response capability and external providers of system protection capability; and
    (b) Identify organizational incident response team members to the external providers.

  • Discussion

    External providers of a system protection capability include the Computer Network Defense program within the U.S. Department of Defense. External providers help to protect, monitor, analyze, detect, and respond to unauthorized activity within organizational information systems and networks. It may be beneficial to have agreements in place with external providers to clarify the roles and responsibilities of each party before an incident occurs.

More Info

  • Title

    Incident Response Assistance | Coordination with External Providers
  • Family

    Incident Response
  • Related NIST 800-53 ID

CMMC Training

Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!