Management of information security incidents and improvements Security Audit Checklist
Clause A.13.2 of ISO/IEC 27001:2005 (Annex A)
1. Responsibilities and procedures
• Whether management responsibilities and procedures have been established to ensure a quick, effective and orderly response to information security incidents.
• Whether monitoring of systems, alerts and vulnerabilities is used to detect information security incidents.
• Whether the objectives of information security incident management are agreed with management.
2. Learning from information security incidents
• Whether there is a mechanism in place to identify and quantify the type, volume and costs of information security incidents.
• Whether the information gained from evaluating past information security incidents is used to identify recurring or high-impact incidents.
3. Collection of evidence
• Whether it is determined, for each incident, if follow-up action against a person or organization will involve legal action (civil or criminal), since this decides how evidence must be handled.
• Whether evidence relating to the incident is collected, retained and presented so as to conform to the rules for evidence laid down in the relevant jurisdiction(s).
• Whether internal procedures are developed and followed when collecting and presenting evidence for the purpose of disciplinary action within the organization.
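The evidence items above ask whether artifacts are collected and retained in a way that will survive scrutiny. The practical minimum an auditor looks for is an integrity hash taken at the moment of seizure and an unbroken custody log for every hand-over. The following is an added example to illustrate that, not code from the original checklist; the case identifier, the holder names and the log line it processes are constructed for the demonstration.

```python
"""Evidence collection with integrity hashes and a chain-of-custody log.

Added example for the A.13.2.3 checklist items above; not code from the
original page.  Case identifiers, holder names and the sample artifact are
hypothetical.
"""
import hashlib
import json
import os
import tempfile
from datetime import datetime, timezone


def sha256_file(path, chunk_size=1 << 20):
    """Stream the file through SHA-256 so large disk images don't fill memory."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def _append_custody(record, holder, action, note=""):
    # UTC timestamps keep entries from different sites comparable.
    record["custody"].append({
        "time": datetime.now(timezone.utc).isoformat(),
        "holder": holder,
        "action": action,
        "note": note,
    })


def collect_evidence(path, case_id, collector, description):
    """Record an artifact at seizure time.

    The hash is computed before anything else touches the file, and the first
    custody entry names who took it and when.
    """
    record = {
        "case_id": case_id,
        "path": os.path.abspath(path),
        "description": description,
        "size": os.path.getsize(path),
        "sha256": sha256_file(path),
        "custody": [],
    }
    _append_custody(record, holder=collector, action="collected", note=description)
    return record


def transfer_custody(record, from_holder, to_holder, reason):
    """Log both sides of every hand-over; a gap here is what gets evidence excluded."""
    _append_custody(record, from_holder, "released", f"to {to_holder}: {reason}")
    _append_custody(record, to_holder, "received", f"from {from_holder}: {reason}")
    return record


def verify_evidence(record):
    """Re-hash the artifact and compare with the value taken at collection."""
    return sha256_file(record["path"]) == record["sha256"]


def demo():
    """Run the workflow on a constructed sample artifact and return the check results."""
    with tempfile.TemporaryDirectory() as workdir:
        artifact = os.path.join(workdir, "auth.log")
        # Constructed sample log content, not a real capture.
        with open(artifact, "wb") as fh:
            fh.write(b"Nov 25 06:36:01 host sshd[4242]: Failed password for root from 203.0.113.7\n")

        rec = collect_evidence(artifact, case_id="IR-2009-0042",
                               collector="first responder",
                               description="sshd auth log from host")
        transfer_custody(rec, "first responder", "forensic analyst", "imaging and review")
        intact_before = verify_evidence(rec)

        # Simulate tampering: even a single appended byte must be detected.
        with open(artifact, "ab") as fh:
            fh.write(b"\n")
        intact_after = verify_evidence(rec)

        return {
            "intact_before": intact_before,
            "intact_after": intact_after,
            "custody_entries": len(rec["custody"]),
            "record_json": json.dumps(rec, indent=2),
        }


if __name__ == "__main__":
    result = demo()
    print(result["record_json"])
    print("integrity before tamper:", result["intact_before"])
    print("integrity after tamper: ", result["intact_after"])
```

In practice the record would be written to storage that the collector cannot later modify (write-once media or a separately administered system) and the hash printed on the physical evidence label, so the log and the artifact can be compared independently when the evidence is presented.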
This entry was posted on Wednesday, November 25th, 2009 at 6:36 am and is filed under ISO 27001 checklist.

