NIST 800-53 REV 5 • INCIDENT RESPONSE

IR-4(15) Public Relations and Reputation Repair

(a) Manage public relations associated with an incident; and (b) Employ measures to repair the reputation of the organization.

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

No related controls listed

Supplemental Guidance

It is important for an organization to have a strategy in place for addressing incidents that have been brought to the attention of the general public, have cast the organization in a negative light, or have affected the organization’s constituents (e.g., partners, customers). Such publicity can be extremely harmful to the organization and affect its ability to carry out its mission and business functions. Taking proactive steps to repair the organization’s reputation is an essential aspect of reestablishing the trust and confidence of its constituents.

Practitioner Notes

Major incidents can damage your organization's reputation. This enhancement requires you to have a plan for public communications and reputation management following a significant security incident.

Example 1: Pre-draft incident communication templates for different audiences: customers, media, regulators, and employees. Store these in your IR plan. Include holding statements, FAQs, and escalation criteria for when to activate your communications plan.

Example 2: Identify a spokesperson and a backup who are trained in crisis communications. Ensure legal reviews all external communications before release. Monitor social media and news coverage during an incident using Google Alerts or a media monitoring service to manage the narrative proactively.