Coordination with External Providers IR-7(2)

Overview:
The organization:
(a) Establishes a direct, cooperative relationship between its incident response capability and external providers of information system protection capability; and
(b) Identifies organizational incident response team members to the external providers.

Supplemental Guidance:
External providers of information system protection capability include, for example, the Computer Network Defense program within the U.S. Department of Defense. External providers help to protect, monitor, analyze, detect, and respond to unauthorized activity within organizational information systems and networks.

Action Items:
1) Establish relationships with external Incident Response experts

Related Documents:
1) Incident Response Plan

Additional Guidance:
Moderate FedRAMP-Defined Assignment / Selection Parameters
none

Moderate Additional FedRAMP Requirements and Guidance
none