The IT Law Wiki

ISO/IEC 27035-3



Citation

ISO/IEC 27035-3: (Draft) Guidelines For Incident Response Operations.

Overview

Part 3 offers guidance on managing and responding efficiently to information security incidents, using typical incident types to illustrate the approach. It describes the Detection and Reporting, Assessment and Decision, and Response phases of the process laid out in Part 1 (ISO/IEC 27035-2), plus Post Incident Activity (an important sixth phase which is not actually identified as such in Part 1).

There are two main clauses: one covering incident response operations (incident criteria and response processes, i.e. monitoring, detecting, assessing, analysing, responding, reporting and lessons learned), and one giving generic examples of common types of incident (such as denial of service and malware incidents).

Annexes offer criteria for categorizing incidents and template forms.

Source

  • ISO/IEC 27035:2011 Information technology — Security techniques — Information security incident management (full-text).
