Relevant information from across the organisation is available to enhance situational awareness
Context and Guidance: In addition to data collected through monitoring, processes are in place to collect relevant information that may add detail or clarity to situational awareness, or helps to corroborate multiple sources of similar information. Relevant information can include after-action reports from incidents, calls to help desks about suspicious activity, and reports and statistics on phishing attempts. Situational awareness is more complete when it uses multiple sources of information.
Related Practices • Information Sharing: This practice is part of a group of cross-domain practices that enable information sharing with organisational stakeholders. These include: THREAT-1i, THREAT-2h, THREAT-2k, RISK-1c1d, SITUATION-3a, SITUATION-3c, SITUATION-3d, SITUATION-3e, RESPONSE-2g, RESPONSE-3c, RESPONSE-3f. • Progression: This practice is part of a practice progression. Practice progressions are groups of related practices that represent increasingly complete or more advanced implementations of an activity. The practices in this progression include: SITUATION-3c, SITUATION-3e, SITUATION-3f.