|
ID.IM-02: Improvements are identified from security tests and exercises, including those done in coordination with suppliers and relevant third parties
|
http://cyfun.data.gift/data/nist_subcategory_ID_IM_02
|
5 |
|
ID.IM-02: Improvements are identified from security tests and exercises, including those done in coordination with suppliers and relevant third parties
|
http://cyfun.data.gift/data/subcategory_ID.IM-02
|
15 |
|
ID.IM-03.1: The organisation shall conduct post-incident evaluations to analyse lessons learned from incident response and recovery, and consequently improve processes / proce- dures / technologies to enhance its cyber resilience.
|
http://cyfun.data.gift/data/requirement_ID_IM_03_1
|
21 |
|
ID.IM-03.2: The organisation shall incorporate lessons learned from incident handling activities into updated or new incident handling processes and/or procedures that are framed by appropriate training after review, approval and testing.
|
http://cyfun.data.gift/data/requirement_ID_IM_03_2
|
19 |
|
ID.IM-03.3: The organisation shall identify improvements derived from the monitoring, measure- ments, assessments, and lessons learned and consequently translate this into improved processes / procedures / technologies to enhance its cyber resilience (continuous improvement).
|
http://cyfun.data.gift/data/requirement_ID_IM_03_3
|
19 |
|
ID.IM-03.4: The organisation shall collaborate and share information about its critical system's related security incidents and mitigation measures with designated partners.
|
http://cyfun.data.gift/data/requirement_ID_IM_03_4
|
19 |
|
ID.IM-03.5: Communication of effectiveness of protection technologies shall be shared with relevant stakeholders.
|
http://cyfun.data.gift/data/requirement_ID_IM_03_5
|
19 |
|
ID.IM-03.6: The organisation shall implement, where feasible, automated mechanisms to facilitate the process of information sharing and collaboration.
|
http://cyfun.data.gift/data/requirement_ID_IM_03_6
|
19 |
|
ID.IM-03.7: The organisation shall implement independent teams to assess its processes, best practices, and technology solutions to safeguard critical systems and assets.
|
http://cyfun.data.gift/data/requirement_ID_IM_03_7
|
17 |
|
ID.IM-03.8: The organisation shall ensure that the security plan for its critical systems facilitates the review, testing, and continual improvement of the security protection processes.
|
http://cyfun.data.gift/data/requirement_ID_IM_03_8
|
17 |
|
ID.IM-03.9: The organisation shall conduct specialised assessments including in-depth monitoring, vulnerability scanning, malicious user testing, insider threat assessment, performance/ load testing, and verification and validation testing on the organisation's critical systems.
|
http://cyfun.data.gift/data/requirement_ID_IM_03_9
|
18 |
|
ID.IM-03: Improvements are identified from execution of operational processes, procedures, and activities
|
http://cyfun.data.gift/data/nist_subcategory_ID_IM_03
|
5 |