Text of Recommendation | Update the PIHG to incorporate the guidance for incident response plans from NIST Special Publication 800-122 including comprehensive guidance, such as:
a) ensuring the proper notification of the appropriate individuals and organizations when evaluating and responding to a suspected PII breach, by identifying points of contact, including external entities, and how to contact them
b) stating what information is to be provided to US-CERT and the reporting method, such as through a phone call, email, or a website
c) stating how to document that the information was reported to US-CERT. |
---|---|
Recommendation Number | 9 |
Recommendation Status | Closed |
Significant Recommendation | No |
Recommendation Questioned Costs | $0 |
Recommendation Funds for Better Use | $0 |
Submitting OIG | |
---|---|
Linked Report |