eGRACS ICT Incident Controls Triangle
This Tactical Tier control triangle seeks to ensure that incidents are promptly detected and resolved, that recurring issues are addressed at their root cause, and that the organisation has a robust plan in place for recovery in the event of a disaster, so that the impact on business operations is minimal.
This control rolls down from the Manage Capability Domain and cascades into three controls: 3.3.3.1-Manage ICT Events, 3.3.3.2-Manage ICT Problems, and 3.3.3.3-Manage ICT Recovery.
Control Mappings:
Cobit:2019 ➡️ BAI04; BAI04.02; DSS02; DSS02.01; DSS02.02; DSS02.04; DSS02.05; DSS02.06; DSS03; DSS03.01; DSS03.02; DSS03.03; DSS03.04; DSS04; DSS04.03; DSS04.08
PCI:DSSv4.01 ➡️ 12; 12.10; 12.10.2; 12.10.3; 12.10.5; 12.10.6; 12.10.7; A1.2.2
GDPR:2024 ➡️ Art.32; Art.33; Art.34
ISO27001:2022 ➡️ 4; 4.4; 6; 6.1.3; 8; 8.1; 8.3
ISO31000:2018 ➡️ 6.4
ISO38500:2024 ➡️ 5.5.3; 7.2.6
ITIL:v4 ➡️ GM10; SM15; SM17; SM18; SM19; SM21; SM22; SM26; SM28; SM29
CIS:v8 ➡️ Incident Response Management; Establish and Maintain an Incident Response Process