SID-OPS-01 — Incident Response and Management
| Property | Value |
|---|---|
| Status | to_do |
| Owner | operator |
| Category | process |
| CSF Function | respond |
| Group | Operational Controls |
Description
Incident response plan with escalation procedures, communication plan, and defined roles. Classification of security events. Response SLAs. Post-incident review and lessons learned. Must include eIDAS Art 5a(20) notification requirements. Siros Foundation provides L2/L3 technical support; operator handles first response.
Audit Findings
| Finding | Severity | Status |
|---|---|---|
| ISO-O-13 — Partial incident assessment and evidence handling | medium | open |