This snapshot taken on 05/05/2009, shows web content selected for preservation by The National Archives. External links, forms and search boxes may not work in archived websites.
The Information Security Standard ISO/IEC 27002 is divided into eleven main sections. Section 9 is Information Security Incident Management.
This section deals with putting procedures in place to ensure information security events and weaknesses are reported through appropriate channels in order to allow corrective action to be taken.
All employees, contractors and third party users need to be aware of their responsibilities to report any information security incidents as quickly as possible; as well as being aware of what procedures to follow.
It is also important to have mechanisms in place to quantify and monitor incidents as well as collective evidence as required.
To read more about this subject, go to Incident Management, which includes sections on reporting as well as forensics.
Use links below for further information:
ISO/IEC 27002 Section 1
ISO/IEC 27002 Section 2
ISO/IEC 27002 Section 3
ISO/IEC 27002 Section 4
ISO/IEC 27002 Section 5
ISO/IEC 27002 Section 6
ISO/IEC 27002 Section 7
ISO/IEC 27002 Section 8
ISO/IEC 27002 Section 10
ISO/IEC 27002 Section 11
ISO/IEC 27002 Explained
If you would like more background information about information security standards follow this link.
