SCF - IRO-10.2 - Cyber Incident Reporting for Sensitive Data
Mechanisms exist to report sensitive/regulated data incidents in a timely manner.
Mapped framework controls
SOC 2
Control questions
Does the organization report sensitive/regulated data incidents in a timely manner?