NIST CSF: ID.SC-5 Subcategory

From NIST's Cyber Security Framework (version 1):

Response and recovery planning and testing are conducted with suppliers and third-party providers

Cyber Threat Graph Context

Explore how this control relates to the wider threat graph

CSF Mapped to SP800-53 Controls

Generated from NIST's SP800-53/CSF Crosswalk mappings.

Search:

Node
IR-4: Incident Handling
IR-3: Incident Response Testing
IR-6: Incident Reporting
CP-4: Contingency Plan Testing
IR-8: Incident Response Plan
CP-2: Contingency Plan
IR-9: Information Spillage Response

Showing 1 to 7 of 7 entries

Related ISO 27001 Controls

Annex A controls from ISO 27001 (2013) which are related to this CSF subcategory, taken from mappings by NIST and additional data from Ofgem.

Verify, review, and evaluate information security continuity (17.1.3)
ISO 27001:2013

Related ISA/IEC 62443 Controls

Clauses and controls from IEC 62443 (62443-2-1 and 62443-3-3) which are related to this CSF subcategory, taken from mappings by NIST and additional data from Ofgem.

Test and update the business continuity plan (4.3.2.5.7)
ISA/IEC 62443-2-1:2009
Control system backup (SR 7.3)
ISA/IEC 62443-3-3:2013
Control system recovery and reconstitution (SR 7.4)
ISA/IEC 62443-3-3:2013
Auditable events (SR 2.8)
ISA/IEC 62443-3-3:2013
Security functionality verification (SR 3.3)
ISA/IEC 62443-3-3:2013
Conduct drills (4.3.4.5.11)
ISA/IEC 62443-2-1:2009

MITRE ATT&CK Techniques

See which MITRE ATT&CK techniques this control helps to protect against. This is based on mappings to associated SP800-53 controls.

Search:

ATT&CK ID	Title	Associated Tactics
T1561	Disk Wipe	Impact
T1561.001	Disk Content Wipe	Impact
T1486	Data Encrypted for Impact	Impact
T1490	Inhibit System Recovery	Impact
T1491.001	Internal Defacement	Impact
T1485	Data Destruction	Impact
T1561.002	Disk Structure Wipe	Impact
T1491.002	External Defacement	Impact
T1491	Defacement	Impact

Showing 1 to 9 of 9 entries

CSF Mapped to the NCSC CAF

Cyber Assessment Framework mappings generated from UK Cabinet Office data.

Search:

Control ID	Name	Description
D1.c	Testing and Exercising	Your organisation carries out exercises to test response plans, using past incidents that affected your (and other) organisation, and scenarios that draw on threat intelligence and your risk assessment.
D1.b	Response and Recovery Capability	You have the capability to enact your incident response plan, including effective limitation of impact on the operation of your essential function. During an incident, you have access to timely information on which to base your response decisions.
B5.a	Resilience Preparation	You are prepared to restore the operation of your essential function following adverse impact.
A4.a	Supply Chain	The organisation understands and manages security risks to networks and information systems supporting the operation of essential functions that arise as a result of dependencies on external suppliers. This includes ensuring that appropriate measures are employed where third party services are used.
D1.a	Response Plan	You have an up-to-date incident response plan that is grounded in a thorough risk assessment that takes account of your essential function and covers a range of incident scenarios.

Showing 1 to 5 of 5 entries

NIST CSF: ID.SC-5 Subcategory

Cyber Threat Graph Context

CSF Mapped to SP800-53 Controls

Related ISO 27001 Controls

Verify, review, and evaluate information security continuity (17.1.3)

Related ISA/IEC 62443 Controls

Test and update the business continuity plan (4.3.2.5.7)

Control system backup (SR 7.3)

Control system recovery and reconstitution (SR 7.4)

Auditable events (SR 2.8)

Security functionality verification (SR 3.3)

Conduct drills (4.3.4.5.11)

MITRE ATT&CK Techniques

CSF Mapped to the NCSC CAF