{"id":4306,"date":"2017-04-12T20:30:27","date_gmt":"2017-04-12T20:30:27","guid":{"rendered":"http:\/\/www.theblackvault.com\/documentarchive\/?p=4306"},"modified":"2017-04-12T20:30:27","modified_gmt":"2017-04-12T20:30:27","slug":"securities-exchange-commission-sec-incident-response-capability-handbook-april-2014","status":"publish","type":"post","link":"https:\/\/www.theblackvault.com\/documentarchive\/securities-exchange-commission-sec-incident-response-capability-handbook-april-2014\/","title":{"rendered":"Securities Exchange Commission (SEC) “Incident Response Capability Handbook” – April 2014"},"content":{"rendered":"

Background<\/h3>\n

Although the purpose and scope of this document is exempt from disclosure, I was able to find reference to the handbook to obtain a description of it, and get an idea of it’s purpose.<\/p>\n

The following comes from the\u00a02010 Annual FISMA Executive Summary Report<\/a>:<\/p>\n

The SEC has implemented policies and procedures to address Incident Response which are well documented and address the NIST and OMB43 guidance. C5i\u2019s review of the SEC\u2019s Incident Response Capability (IRC) Handbook provided evidence of the SEC\u2019s attributes for its incident response and reporting program. The SEC IRC Handbook was developed to assist in the mission of the SEC Computer Security Incident Response Team. The handbook defines processes and procedures, roles and responsibilities, types of incidents, reporting criteria and timeframes, evidence collection and handling, event categories and incident severity, etc., as well as post-mortem procedures, e.g., lessons learned. The handbook also defines which types of incidents are required to be reported to the United States Computer Emergency Readiness Team (US-CERT) (based on OMB A-130 and FISMA) and which do not. The types of incidents that are not required to be reported are incidents that are self-inflicted, did not result in unauthorized access, or were not a result of attackers\u2019 actions. <\/strong><\/em><\/p>\n

Document Archive<\/h3>\n

\u00a0Securities Exchange Commission (SEC) “Incident Response Capability Handbook” – April 2014<\/a> [46 Pages, 2.2MB]<\/p>\n

https:\/\/documents.theblackvault.com\/documents\/SEC\/SEC-IRS-April2014.pdf<\/p>\n","protected":false},"excerpt":{"rendered":"

Background Although the purpose and scope of this document is exempt from disclosure, I was able to find reference to the handbook to obtain a description of it, and get an idea of it’s purpose. The following comes from the\u00a02010 Annual FISMA Executive Summary Report: The SEC has implemented policies and procedures to address Incident<\/p>\n","protected":false},"author":1,"featured_media":4307,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"episode_type":"","audio_file":"","transcript_file":"","podmotor_file_id":"","podmotor_episode_id":"","cover_image":"","cover_image_id":"","duration":"","filesize":"","filesize_raw":"","date_recorded":"","explicit":"","block":"","_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_post_was_ever_published":false},"categories":[2],"tags":[1025,227,974,973],"class_list":["post-4306","post","type-post","status-publish","format-standard","has-post-thumbnail","category-government","tag-cyber-security","tag-cyber-terrorism","tag-sec","tag-securities-and-exchange-commission"],"aioseo_notices":[],"aioseo_head":"\n\t\t\n\t\n\t\n\t\n\t\n\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t