12.10.1—An incident response plan exists and is ready to be activated in the event of a suspected or confirmed security incident.
>Requirement Description
An incident response plan exists and is ready to be activated in the event of a suspected or confirmed security incident. The plan includes, but is not limited to: Roles, responsibilities, and communication and contact strategies in the event of a suspected or confirmed security incident, including notification of payment brands and acquirers, at a minimum. Incident response procedures with specific containment and mitigation activities for different types of incidents. Business recovery and continuity procedures. Data backup processes. Analysis of legal requirements for reporting compromises. Coverage and responses of all critical system components. Reference or inclusion of incident response procedures from the payment brands.
>Cross-Framework Mappings
NIST CSF 2.0
via NIST OLIR CatalogDE.AE-06
CompareDE.AE-08
CompareGV.OC-04
CompareGV.RM-04
CompareGV.RM-05
CompareGV.SC-02
CompareGV.SC-08
CompareGV.SC-10
CompareID.IM-04
CompareID.RA-06
ComparePR.DS-11
ComparePR.IR-02
ComparePR.IR-03
CompareRC.CO-03
CompareRC.CO-04
CompareRC.RP-01
CompareRC.RP-02
CompareRC.RP-03
CompareRC.RP-04
CompareRS.CO-02
CompareRS.CO-03
CompareRS.MA-01
CompareRS.MA-02
CompareRS.MA-03
CompareRS.MA-04
CompareRS.MA-05
CompareRS.MI-01
CompareRS.MI-02
CompareAsk AI
Configure your API key to use AI features.