>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

Article 33.6Article 33.6

>Control Description

After a security incident, the CCN-CERT will technically determine the risk of reconnection of the affected system or systems, indicating the procedures to follow and the safeguards to implement in order to reduce the impact and, to the extent possible, avoid that the circumstances that led to it occur again. After a security incident, the General Secretariat of Digital Administration, without prejudice to the regulations that regulate the continuity of information systems involved in public security or the regulations that regulate the continuity of military information systems involved in National Defense that require the participation of the ESPDEF-CERT of the Joint Cyberspace Command, will authorize reconnection to the common means and services included under its scope of responsibility, including shared or transversal ones, if a CCN-CERT exposure surface report has determined that the risk is acceptable. In the event that it is a security incident that affects a common means or service under the scope of responsibility of the General Intervention of the State Administration, it will participate in the process of authorization of the reconnection referred to in the previous paragraph.

Ask AI

Configure your API key to use AI features.