5.24 Information Security Incident Management Planning and Preparation
Control
The organisation should plan and prepare for managing information security incidents by defining, establishing and communicating information security incident management processes, roles and responsibilities.
Purpose
Incident management is one of the most vital processes in an organisation's information security management system.
Implementation Guidance
An incident management procedure is one of the most critical aspects of an Information Security Management System. Without a proper incident management plan, an organisation would encounter severe challenges if an incident occurred. From the control requirements, it is clear that this control needs to be well-defined, established and communicated with responsible people identified. Reasonably, when an organisation has a clear definition of an incident, if the same or similar incident happens, people accountable in the organisation should know what to do next. Therefore, a proper, well-structured incident management document is a must for an organisation. Moreover, it is not only about having an incident management document, but it is essential to practice and ensure the document is battlefield tested.
ISO 27001:2022
Organisational Controls
AvISO will be updating and reviewing all the information regularly, so keep us bookmarked and keep checking!
Got a question or need help? Don't hesitate to reach out to our team.
27002:2022 Related Controls
CLick to view control
If you would like to know more about ISO Standards, Certification and the value of a good management system you can add to your business we would love to hear from you: Kent: 01892 800476 | London: 02037 458 476 | info@avisoconsultancy.co.uk
