IR-9(1) — Responsible Personnel

This enhancement requires you to identify specific personnel responsible for responding to information spillage incidents. These individuals should have the authority and training to manage spillage cleanup.

Example 1: Designate your Information System Security Officer (ISSO) or Facility Security Officer (FSO) as the primary spillage response lead. Document this assignment in your IR plan and ensure they have completed spillage response training.

Example 2: Create a spillage response team roster that includes your security officer, system administrator, and a representative from the program office that owns the spilled data. Post this roster alongside your IR plan and ensure all listed personnel understand their roles.