The IT Law Wiki

ISO/IEC 27035-2



Citation

ISO/IEC 27035-2: (Draft) Guidelines To Plan And Prepare For Incident Response.

Overview

Part 2 concerns assurance that the organization is in fact ready to respond appropriately to information security incidents that may yet occur. It promotes learning from past incidents to improve things for the future. It covers the Plan and Prepare and Lessons Learned phases of the process laid out in Part 1 (ISO/IEC 27035-1).

Content: The Guidelines have eight main clauses:

It also contains annexes with incident categorization examples, and notes on "legal and regulatory aspects" (mostly privacy).

Source

  • ISO/IEC 27035:2011 Information technology — Security techniques — Information security incident management (full-text).
