All security incidents are addressed in a consistent manner to improve security based on what has happened.
In the incident treatment process:
The organization shall ensure that clear persons are assigned to incident management responsibilities, e.g. handling the first response for incidents.
Incident management personnel need to be instructed and trained to understand the organization's priorities in dealing with security incidents.
Organization carries out threat intelligence by analyzing and utilizing collected information about relevant cyber security threats related and corresponding protections.
When analyzing and utilizing the collected threat intelligence information, the following points must be taken into account:
From the point of view of the information security management system, non-conformities are situations in which:
In systematic security work, all detected non-conformities must be documented. To treat the non-conformity, the organization must identify and implement improvements that correct it.
The organization has defined a process and the team involved in responding promptly to security incidents and deciding on the appropriate actions.
The first level response process includes at least: