M1.3.3 CONTACT WITH AUTHORITIES Implemetation Guidance
The entity shall maintain appropriate contacts with relevant authorities.
Back to M1.3.3 - P4 - CONTACT WITH AUTHORITIES
Entities should have procedures in place that specify when and by whom authorities (e.g. law enforcement, fire department, supervisory authorities) should be contacted, and how identified information security incidents should be reported in a timely manner if it is suspected that laws may have been broken. (Refer to Information Security Events and Weaknesses Reporting T8.3).
Entities under attack from the Internet may need external third parties (e.g. an Internet service provider or telecommunications operator) to take action against the attack source. Contact with authorities also could include external working groups.
