CII / Essential Entity Notification Guide
Minimal notification framework for regulated and critical digital service incidents.
SEVERITY
WHO SHOULD USE THIS
CII and essential service operators, regulated entities, and institutions with national continuity obligations.
High impact incident
ACTIVE SEVERITY: HIGH
1. Provide operational impact on essential service delivery.
2. Include evidence of spread/degradation risk.
3. Provide update cadence for next 24 hours.
Sensitive data sharing
1. Classify sensitive intelligence before sharing (TLP style handling).
2. Use secure/encrypted channels for forensic artifacts.
3. Share minimum necessary information for triage and response.
Minimum notification packet
Include incident start time, affected critical services, business/public impact, active containment actions, dependency impact, and accountable technical and executive contacts.