1. Governance
Governance frames the way in which CIRR is organised and managed. It aligns CIRR activities with the goals set for continuity of business operations, and sets the organisational structure and roles needed to coordinate response and recovery across internal functions, business lines, organisations, jurisdictions or even sectors. Governance involves defining the decision-making framework, with clear steps and measures of success, and allocating responsibilities and accountabilities to ensure that the right internal and external stakeholders are engaged when a cyber incident occurs. Governance also encapsulates the commitment to support CIRR activities through adequate sponsorship by senior management and to promote positive behaviours in dealing with, and following, a cyber incident.
1. Organisation-wide governance framework. The CIRR governance structure is part of the broader organisation-wide governance framework. CIRR objectives and priorities are aligned with the organisation's risk management framework and are communicated and understood throughout the organisation. Based on the risk management framework, roles and responsibilities are clearly defined for managing CIRR activities and internal processes to facilitate effective decision-making when handling a cyber incident.