Citation

ISO/IEC 27035-3: (Draft) Guidelines For Incident Response Operations.

Overview

Part 3 offers guidance on managing and responding efficiently to information security incidents, using typical incident types to illustrate the approach. It describes the Detection and Reporting, Assessment and Decision, and Response phases of the process laid out in Part 1 (ISO/IEC 27035-2), plus Post Incident Activity (an important sixth phase which is not actually identified as such in Part 1).

There are two main clauses: one covering incident response operations (incident criteria and response processes, i.e. monitoring, detecting, assessing, analysing, responding, reporting and lessons learned), and one giving generic examples of common types of incident (such as denial of service and malware incidents).

Annexes offer criteria for categorizing incidents and template forms.

Source

  • ISO/IEC 27035:2011 Information technology — Security techniques — Information security incident management (full-text).
