Categories: Government

Securities Exchange Commission (SEC) “Incident Response Capability Handbook” – April 2014

Background

Although the purpose and scope of this document is exempt from disclosure, I was able to find reference to the handbook to obtain a description of it, and get an idea of it’s purpose.

The following comes from the 2010 Annual FISMA Executive Summary Report:

The SEC has implemented policies and procedures to address Incident Response which are well documented and address the NIST and OMB43 guidance. C5i’s review of the SEC’s Incident Response Capability (IRC) Handbook provided evidence of the SEC’s attributes for its incident response and reporting program. The SEC IRC Handbook was developed to assist in the mission of the SEC Computer Security Incident Response Team. The handbook defines processes and procedures, roles and responsibilities, types of incidents, reporting criteria and timeframes, evidence collection and handling, event categories and incident severity, etc., as well as post-mortem procedures, e.g., lessons learned. The handbook also defines which types of incidents are required to be reported to the United States Computer Emergency Readiness Team (US-CERT) (based on OMB A-130 and FISMA) and which do not. The types of incidents that are not required to be reported are incidents that are self-inflicted, did not result in unauthorized access, or were not a result of attackers’ actions.

Continue scrolling for more...

Document Archive

 Securities Exchange Commission (SEC) “Incident Response Capability Handbook” – April 2014 [46 Pages, 2.2MB]

https://documents.theblackvault.com/documents/SEC/SEC-IRS-April2014.pdf

Follow The Black Vault on Social Media:

This post was published on April 12, 2017 8:30 pm

John Greenewald

Recent Posts

The Robert F. Kennedy Assassination Records Archive

In January 2025, President Donald J. Trump signed Executive Order 14176, titled "Declassification of Records…

April 28, 2025

FOIA Release Reveals Secret Charter Behind Creation of Pentagon’s UAP Task Force

Nearly five years ago, The Black Vault filed a Freedom of Information Act (FOIA) request…

April 23, 2025

Lake Erie, Saudi Arabia, and Dugway: Army Records Trace UAP Surveillance Footprint

A newly released set of U.S. Army intelligence records offers a rare glimpse into behind-the-scenes…

April 22, 2025

DOD Polygraph Institute 1999 Audiovisual Training Archive

In 1999, the Department of Defense Polygraph Institute (DoDPI) released a bibliography of audiovisual training…

April 8, 2025

J.F.K. Assassination Records Archive – Previously Withheld JFK Assassination Documents Database

Background The assassination of John F. Kennedy, the 35th President of the United States, is…

April 7, 2025

The Pentagon Says AATIP Wasn’t About UFOs—But the Man Slated to Take It Over Ended Up Designing the Government’s UAP Strategy

A newly released batch of documents, obtained through the Freedom of Information Act (FOIA), reveals…

April 2, 2025