Public and private parties, at both national and international
levels, should act in a timely, coordinated manner to prevent and to respond
to breaches of the security of information systems.
Complexity: Due to the interconnected and transborder nature of information systems and the potential for damage to
systems to occur rapidly, organizations may need to act together swiftly to meet challenges to the security of
information systems. In addition, international and many national bodies require organizations to respond in a
timely manner to requests by individuals for corrections of privacy data. This principle recognizes the need for
the public and private sectors to establish mechanisms and procedures for rapid and effective incident
reporting, handling, and response.
This principle also recognizes the need for information security principles to use current, certifiable threat and
vulnerability information when making risk decisions, and current, certifiable safeguard implementation and
availability information when making risk reduction decisions.
For example, an information system may also have a requirement for rapid and effective incident reporting,
handling, and response. In an information system, this may take the form of time limits for reset and recovery
after a failure or disaster. Each component of a continuity plan, continuity of operations plan, and disaster
recovery plan should have timeliness as a criterion. These criteria should include provisions for the impact the
event (e.g., disaster) may have on resource availability and the ability to respond in a timely manner.