We're creating a single website for everything to do with BIS but, while we do that, you'll find information in three places. > Find what you're looking for
The Information Security Standard ISO/IEC 27002 is divided into eleven main sections. Section 9 is Information Security Incident Management.
This section deals with putting procedures in place to ensure information security events and weaknesses are reported through appropriate channels in order to allow corrective action to be taken.
All employees, contractors and third party users need to be aware of their responsibilities to report any information security incidents as quickly as possible; as well as being aware of what procedures to follow.
It is also important to have mechanisms in place to quantify and monitor incidents as well as collective evidence as required.
To read more about this subject, go to Incident Management, which includes sections on reporting as well as forensics.
Use links below for further information:
ISO/IEC 27002 Section 1
ISO/IEC 27002 Section 2
ISO/IEC 27002 Section 3
ISO/IEC 27002 Section 4
ISO/IEC 27002 Section 5
ISO/IEC 27002 Section 6
ISO/IEC 27002 Section 7
ISO/IEC 27002 Section 8
ISO/IEC 27002 Section 10
ISO/IEC 27002 Section 11
ISO/IEC 27002 Explained
If you would like more background information about information security standards follow this link.