>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

RS.AN-08An incident’s magnitude is estimated and validated

>Control Description

This incident analysis subcategory ensures that an incident’s magnitude is estimated and validated. Key activities include: Review other potential targets of the incident to search for indicators of compromise and evidence of persistence; Automatically run tools on targets to look for indicators of compromise and evidence of persistence.

>Cross-Framework Mappings

NIST SP 800-53 r5

via NIST CSF 2.0 Concept Crosswalk
IR-04
Compare
IR-08
Compare
RA-03
Compare
RA-07
Compare

PCI DSS v4.0.1

via NIST OLIR Catalog
1.2.3
Compare
1.2.4
Compare
10.4.1
Compare
12.5.1
Compare

ISO 27001:2022

via NIST OLIR Catalog
5.25
Compare

SCF

IRO-02.4
Compare

>Informative References

Official NIST mappings to external frameworks and standards. Source: NIST CSF 2.0

CRI Profile v2.0

RS.AN-08
RS.AN-08.01

ISO/IEC 27001:2022

Mandatory Clause: None
Annex A Controls: 5.25

NICE Framework

IO-WRL-001
IO-WRL-003
IO-WRL-006
OG-WRL-012
PD-WRL-003
PD-WRL-004

PCI DSS

10.4.1
1.2.3
1.2.4
12.5.1

SCF

IRO-02.4

SP 800-171 Rev 3

03.06.01
03.06.05
03.11.01
03.11.04

SP 800-53 Rev 5.1.1

IR-04
IR-08
RA-03
RA-07

SP 800-53 Rev 5.2.0

IR-04
IR-08
RA-03
RA-07

Ask AI

Configure your API key to use AI features.