Content library
Digital security overview
10: Prosessi väärinkäytöksiin reagoimiseksi

How to fill the requirement

Digital security overview

10: Prosessi väärinkäytöksiin reagoimiseksi

Task name
Priority
Status
Theme
Policy
Other requirements
Personnel guidelines for reporting security incidents
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Incident management
Incident management and response
33
requirements

Task is fulfilling also these other security requirements

T06: Turvallisuuspoikkeamien hallinta
Katakri
24. Responsibility of the controller
GDPR
16.1.3: Reporting information security weaknesses
ISO27 Full
16.1.2: Reporting information security events
ISO27 Full
6.4: Menettelytavat virhe- ja ongelmatilanteissa
Self-monitoring
1. Task description

A process for reporting incidents is maintained to help staff report incidents efficiently and consistently.

Things to report as an incident include e.g.:

  • unauthorized access to data / premises
  • action against security guidelines
  • suspected security issue (e.g. phishing, malware infection)
  • data system outage
  • accidental or intentional destruction / alteration of data
  • lost or stolen device
  • compromised password
  • lost physical identifier (e.g. keychain, smart card, smart sticker)
  • suspected security weakness (e.g. on utilized data system or other procedures)

The personnel guidelines emphasize the obligation to report security incidents as soon as possible in accordance with the agreed process. The instructions also describe other operations in the event of an incident (e.g. recording seen error messages and other details).

The first level response process to security incidents
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Incident management
Incident management and response
29
requirements

Task is fulfilling also these other security requirements

16.1.4: Assessment of and decision on information security events
ISO27 Full
6.4: Menettelytavat virhe- ja ongelmatilanteissa
Self-monitoring
DE.AE-4: Impact of events
NIST
RS.RP: Response Planning
NIST
RS.RP-1: Incident response plan
NIST
1. Task description

The organization has defined a process and the team involved in responding promptly to security incidents and deciding on the appropriate actions.

The first level response process includes at least:

  • effectively seeking to confirm the identified incident
  • deciding on the need for immediate response
Disciplinary process for security breaches
Critical
High
Normal
Low
Fully done
Mostly done
Partly done
Not done
Personnel security
Cyber security in contracts
9
requirements

Task is fulfilling also these other security requirements

7.2.3: Disciplinary process
ISO27 Full
PR.IP-11: Cybersecurity in human resources
NIST
6.4: Disciplinary process
ISO27k1 Full
5.28: Collection of evidence
ISO27k1 Full
7.3: Awareness
ISO27k1 Full
1. Task description

Our organization has defined the actions to be taken in the event of a breach of confidentiality. These may include e.g. the following steps:

  • investigating what data was breached and how harmful this was
  • investigating the intentionality of the act
  • investigating what was set as conseguence on the confidentiality agreement
  • deciding whether and how to proceed (e.g. legal actions)
  • deciding whether outside assistance is needed
No items found.