Skip to main content
MuonPartners
Services
Architecture

Solution design and technology roadmapping

Solution AssessmentTechnology RoadmapsIntegration DesignSolution ArchitectureTechnical Design
Cyber Security

Security assessments, IAM, and compliance

AssessmentsIAMComplianceSecurity BaselineCyber Innovation
Network and Platform

Network architecture and cloud platforms

Network DesignCloud StrategyModernisation
Enterprise Architecture

Business-technology alignment

Business AlignmentPortfolio AnalysisGovernance
View all services
ProjectsCase StudiesInsightsToolsAbout
Contact Us

Services

Architecture
Solution AssessmentTechnology RoadmapsIntegration DesignSolution ArchitectureTechnical Design
Cyber Security
AssessmentsIAMComplianceSecurity BaselineCyber Innovation
Network and Platform
Network DesignCloud StrategyModernisation
Enterprise Architecture
Business AlignmentPortfolio AnalysisGovernance
ProjectsCase StudiesInsightsToolsAboutContact
Get in Touch
MuonPartners

Strategic technology consulting for Australian organisations navigating complexity.

Services

  • Architecture
  • Cyber Security
  • Network and Platform
  • Enterprise Architecture

Company

  • About
  • Products
  • Frameworks
  • Cross-Framework Mapping
  • Projects
  • Case Studies
  • Insights
  • Contact

Contact

  • [email protected]
  • Australia
  • LinkedIn

© 2026 Muon Partners. All rights reserved.

ABN 50 669 022 315 · A Muon Group company.

Privacy PolicyTerms of Service
  1. Frameworks
  2. >AESCSF
  3. >SITUATION
  4. >Establish And Maintain Situational Awareness
  5. >AESCSF-SITUATION-3d
AESCSF-SITUATION-3dActive

Situational awareness reporting requirements have been defined and address timely dissemination of cybersecurity info...

Statement

Situational awareness reporting requirements have been defined and address timely dissemination of cybersecurity information to organisation-defined stakeholders

Context and Guidance: Situational awareness reporting requirements should define the development, delivery, and maintenance of situational awareness communications needed for each type of stakeholder. For example, situational awareness communications to law enforcement will differ significantly from those to the board of directors. The plan should address near-term development and delivery and should be adjusted with some regularity in response to new or changing needs and from the assessment of the effectiveness of communications activities. These are examples of stakeholders for situational awareness reporting: • organisational leaders • cybersecurity program leadership and team members • individuals across the organisation for whom a cybersecurity incident would have an impact • information sharing and analysis centers • government entities • law enforcement • connected organisations • vendors • sector organisations (such as trade associations) • regulators

These are examples of situational awareness reporting requirements: • the frequency and timing of communications • special controls over communications (e.g., encryption or secured communications) that are appropriate for some stakeholders • resources that will be required • internal and external resources that are involved in supporting the communications process • internal and external points of contact by role • communication methods and channels to be used • The assets, people, and systems (including external systems such as cellular networks) that may be unavailable during response and what backup resources may be needed

Related Practices • Information Sharing: This practice is part of a group of cross-domain practices that enable information sharing with organisational stakeholders. These include: THREAT-1i, THREAT-2h, THREAT-2k, RISK-1c1d, SITUATION-3a, SITUATION-3c, SITUATION-3d, SITUATION-3e, RESPONSE-2g, RESPONSE-3c, RESPONSE-3f.

Location

Domain
SITUATION
Objective
Establish and Maintain Situational Awareness

Practice Details

Identifier
AESCSF-SITUATION-3d
Type
Practice
Domain
SITUATION
Objective
Establish and Maintain Situational Awareness

Maturity Level

MIL-1MIL-2MIL-3

Security Profile

SP-1SP-2SP-3
ISM
ISM-0720relatedvia aescsf-reference
ISM-0120relatedvia aescsf-reference
ISM-0109relatedvia aescsf-reference
ISM-1228relatedvia aescsf-reference
C2M2
C2M2-SITUATION-3Dequivalentvia derived-shared-practice-structure
View in graphReport an issue
← Back to Establish and Maintain Situational Awareness
Establish and Maintain Situational Awareness7 controls
AESCSF-SITUATION-3aMethods of communicating the current state of cybersecurity for the function are established and maintainedAESCSF-SITUATION-3bMonitoring data are aggregated to provide an understanding of the operational state of the functionAESCSF-SITUATION-3cRelevant information from across the organisation is available to enhance situational awarenessAESCSF-SITUATION-3dSituational awareness reporting requirements have been defined and address timely dissemination of cybersecurity info...AESCSF-SITUATION-3eRelevant information from outside the organisation is collected and made available across the organisation to enhance...AESCSF-SITUATION-3fA capability is established and maintained to aggregate, correlate, and analyse the outputs of cybersecurity monitori...AESCSF-SITUATION-3gPredefined states of operation are documented and can be implemented based on the cybersecurity state of the function...