RS.RP-1

Response plan is executed during or after an incident

Respond · Response Planning

Manual Attestation

Compliance Score

15%

Non-Compliant

Documentation Maturity

1/ 5

Target: 2.5

Implementation Maturity

1/ 5

Target: 2.5

Control Description

An incident response plan exists and is activated when a cybersecurity incident is detected. The plan defines roles, communication procedures, and escalation paths.

Findings (1)

0/1 items compliant

Severity	Finding	Recommendation
high	Improvement needed: Response plan is executed during or after an incident Current implementation does not fully meet the requirements of RS.RP-1.	Develop an incident response plan covering: detection, containment, eradication, recovery, and lessons learned. Define roles (incident manager, technical lead, communications). Include contact information for CERT.be and relevant authorities. Test the plan annually.

Severity

Finding

high

Improvement needed: Response plan is executed during or after an incident

Current implementation does not fully meet the requirements of RS.RP-1.

Remediation Guidance

Develop an incident response plan covering: detection, containment, eradication, recovery, and lessons learned. Define roles (incident manager, technical lead, communications). Include contact information for CERT.be and relevant authorities. Test the plan annually.