escalation
escalation Controls
5 controls across 2 frameworks.
CISA CPG
NIST CSF
de-ae-6
Information on adverse events is provided to authorized staff and tools
Detect / Adverse Event Analysis
high 3h
de-ae-8
Incidents are declared when adverse events meet the defined criteria
Detect / Adverse Event Analysis
high 3h
gv-rm-5
Lines of communication across the organization are established for cybersecurity risks, including risks from suppliers and other third parties
Govern / Risk Management Strategy
high 3h
rs-ma-4
Escalate or elevate incidents as needed
Respond / Incident Management
high 2h