1. APPENDIX A: KEY TERMS

APPENDIX A: KEY TERMS

³³ Using the CISA Cyber Incident Scoring System, this includes Level 3 events (orange), defined as those that are “likely to result in a demonstrable impact to public health or safety, national security, economic security, foreign relations, civil liberties, or public confidence”; Level 4 events (red), defined as those that are “likely to result in a significant impact to public health or safety, national security, economic security, foreign relations, or civil liberties”; and Level 5 events (black), defined as those that “pose an imminent threat to the provision of wide-scale critical infrastructure services, national government stability, or the lives of US persons.”

³⁴ The analysis for reporting a major breach to Congress is distinct and separate from the assessment of the potential risk of harm to individuals resulting from a suspected or confirmed breach. When assessing the potential risk of harm to individuals, agencies should refer to 0MB M-17-12.

Table of Contents

• INTRODUCTION
• INCIDENT RESPONSE PLAYBOOK
• VULNERABILITY RESPONSE PLAYBOOK
• APPENDIX A - KEY TERMS
• APPENDIX B - INCIDENT RESPONSE CHECKLIST
• APPENDIX C - INCIDENT RESPONSE PREPARATION CHECKLIST
• APPENDIX E - VULNERABILITY AND INCIDENT CATEGORIES
• APPENDIX F - SOURCE TEXT
• APPENDIX G - WHOLE-OF-GOVERNMENT ROLES AND RESPONSIBILITIES