This part of ISO/IEC 27035 is the foundation of this multipart International Standard. It presents basic concepts and phases of information security incident management and combines these concepts with principles in a structured approach to detecting, reporting, assessing, and responding to incidents, and applying lessons learnt. The principles given in this part of ISO/IEC 27035 are generic and intended to be applicable to all organizations, regardless of type, size or nature. Organizations can adjust the guidance given in this part of ISO/IEC 27035 according to their type, size and nature of business in relation to the information security risk situation. This part of ISO/IEC 27035 is also applicable to external organizations providing information security incident management services.
Tämän julkaisun valmistelusta Suomessa vastaa SFS Suomen Standardit, puh. 09 149 9331.
Sisällysluettelo
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Overview
4.1 Basic concepts and principles
4.2 Objectives of incident management
4.3 Benefits of a structured approach
4.4 Adaptability
5 Phases
5.1 Overview
5.2 Plan and Prepare
5.3 Detection and Reporting
5.4 Assessment and Decision
5.5 Responses
5.6 Lessons Learnt
Annex A Relationship to investigative standards (informative)
Annex B Examples of information security incidents and their causes (informative)
Annex C Cross reference table of ISO/IEC 27001 to ISO/IEC 27035 (informative)
ISO/IEC 27000 Information technology — Security techniques — Information security management systems — Overview and vocabulary
ISO/IEC 27035-2 Information technology — Security techniques — Information security incident management — Part 2: Guidelines to plan and prepare for incident response
ISO/IEC 27000 Information technology — Security techniques — Information security management systems — Overview and vocabulary
ISO/IEC 27035-2 Information technology — Security techniques — Information security incident management — Part 2: Guidelines to plan and prepare for incident response