NIST CSF 2.0 Category

RS.MA Incident Management

RS Respond | Coordinate incident command, communications, and operational actions.

Implementation Objective

Execute a disciplined incident command process that coordinates responders, decisions, and stakeholder communications.

Implementation Actions

Maintain IR plan and comms matrix.
Operate command workflow during incidents.
Integrate legal/leadership stakeholders.

Evidence Examples

IR plan
Command logs
Incident summaries

Suggested Metrics

Containment time
Comms SLA adherence

Framework Crosswalk

Direct mappings for this CSF category into NIST SP 800-171 family sections and CIS Controls v8 implementation domains.

NIST SP 800-171 Families

CIS Controls v8

Navigation

Back to NIST CSF 2.0 Categories CIS Controls v8 Guidance FedRAMP Guidance Cybersecurity Glossary