The organisation should establish and maintain contact with relevant authorities.
Law Enforcement, regulatory bodies, and supervisory authorities play tremendous roles in helping an organisation prevent cyber incidents. Also, they help to recover from cyber incidents in case an organisation is affected by one. Therefore, organisations must establish and maintain contact with these entities.
However, this list is not exhaustive; the number of policies and content of each will sometimes vary from one organisation to another. The requirements of documented policies will often depend on factors such as business activities, risk level, types of information processed, and the effectiveness of other controls in place.
AvISO will be updating and reviewing all the information regularly, so keep us bookmarked and keep checking!
Got a question or need help? Don't hesitate to reach out to our team.