NIST CSF 2.0 Category

RS.MI Incident Mitigation

RS Respond | Contain and eradicate threats while preserving operational stability.

Implementation Objective

Minimize operational impact by containing threats quickly and eradicating root causes without introducing new risk.

Implementation Actions

Use containment playbooks by scenario.
Sequence eradication with evidence preservation.
Validate recovery before full restoration.

Evidence Examples

Mitigation runbooks
Action logs
Recovery validation checklist

Suggested Metrics

First-pass containment success
Reinfection rate

Framework Crosswalk

Direct mappings for this CSF category into NIST SP 800-171 family sections and CIS Controls v8 implementation domains.

NIST SP 800-171 Families

CIS Controls v8

Navigation

Back to NIST CSF 2.0 Categories CIS Controls v8 Guidance FedRAMP Guidance Cybersecurity Glossary