2000288 Preview

CAN/CSA-ISO/IEC/IEEE 27035-2:18 (R2022)

Information technology - Security techniques - Information security incident management - Part 2: Guidelines to plan and prepare for incident response (Adopted ISO/IEC 27035-2:2016, first edition, 2016-11-01)

standard by CSA Group / ISO / IEC / IEEE , 01/01/2018

This document has been replaced. View the most recent version.

View all product details

Historical

Track It

Language:
    • Available Formats
    •  
    • Availability
    • Priced From ( in USD )
    • Secure PDF 🔒
    • Immediate download
    • $209.00
    • Add to Cart
    • Printed Edition
    • Ships in 1-2 business days
    • $209.00
    • Add to Cart

Customers Who Bought This Also Bought

Identical Versions Available

 

About This Item

 

Full Description

CSA Preface

Standards development within the Information Technology sector is harmonized with international standards development. Through the CSA Technical Committee on Information Technology (TCIT), Canadians serve as the SCC Mirror Committee (SMC) on ISO/IEC Joint Technical Committee 1 on Information Technology (ISO/IEC JTC1) for the Standards Council of Canada (SCC), the ISO member body for Canada and sponsor of the Canadian National Committee of the IEC. Also, as a member of the International Telecommunication Union (ITU), Canada participates in the International Telegraph and Telephone Consultative Committee (ITU-T).

Scope

This part of ISO/IEC 27035 provides the guidelines to plan and prepare for incident response. The guidelines are based on the "Plan and Prepare" phase and the "Lessons Learned" phase of the "Information security incident management phases" model presented in ISO/IEC 27035-1.

The major points within the "Plan and Prepare" phase include the following:

? information security incident management policy and commitment of top management;

? information security policies, including those relating to risk management, updated at both corporate level and system, service and network levels;

? information security incident management plan;

? incident response team (IRT) establishment;

? establish relationships and connections with internal and external organizations;

? technical and other support (including organizational and operational support);

? information security incident management awareness briefings and training;

? information security incident management plan testing.

The principles given in this part of ISO/IEC 27035 are generic and intended to be applicable to all organizations, regardless of type, size or nature. Organizations can adjust the guidance given in this part of ISO/IEC 27035 according to their type, size and nature of business in relation to the information security risk situation. This part of ISO/IEC 27035 is also applicable to external organizations providing information security incident management services.

 

Product Details

Published:
01/01/2018
ISBN(s):
9781488310898
File Size:
1 file , 3.5 MB
Same As:
ISO/IEC 27035-2:2016, BS ISO/IEC 27035-2:2016
Product Code(s):
2425893, 2425893
 

Document History

  1. CAN/CSA-ISO/IEC 27035-2:24


    Information technology — Information security incident management — Part 2: Guidelines to plan and prepare for incident response (Adopted ISO/IEC 27035-2:2023, second edition, 2023-02)

    • Most Recent

  2. CAN/CSA-ISO/IEC/IEEE 27035-2:18 (R2022)

    👀 currently
    viewing


    Information technology - Security techniques - Information security incident management - Part 2: Guidelines to plan and prepare for incident response (Adopted ISO/IEC 27035-2:2016, first edition, 2016-11-01)

    • Historical Version