DE.AE-04—The estimated impact and scope of adverse events are understood
>Control Description
This adverse event analysis subcategory ensures that the estimated impact and scope of adverse events are understood. Key activities include: Use SIEMs or other tools to estimate impact and scope, and review and refine the estimates; A person creates their own estimates of impact and scope.
>Cross-Framework Mappings
NIST SP 800-53 r5
via NIST CSF 2.0 Concept CrosswalkISO 27001:2022
via NIST OLIR Catalog>Informative References
Official NIST mappings to external frameworks and standards. Source: NIST CSF 2.0
CCMv4.0
LOG-03
SEF-05
SEF-06
CRI Profile v2.0
DE.AE-04
DE.AE-04.01
CSF v1.1
DE.AE-4
ISO/IEC 27001:2022
Mandatory Clause: None
Annex A Controls: 5.25
NICE Framework
DD-WRL-004
IO-WRL-006
OG-WRL-002
OG-WRL-012
PD-WRL-001
PD-WRL-006
PCI DSS
10.2.1
10.4.1
1.2.3
1.2.4
12.5.1
SCF
IRO-02
IRO-02.4
SP 800-53 Rev 5.1.1
PM-09
PM-11
PM-18
PM-28
PM-30
SP 800-53 Rev 5.2.0
PM-09
PM-11
PM-18
PM-28
PM-30
Ask AI
Configure your API key to use AI features.