Oh no! No description found. But not to worry. Read from Tasks below how to advance this topic.
Objective: Once security events are reported, it is vital that the handling of the events is managed. This means to ensure that the type and criticality of the reported event as well as the persons responsible are quickly identified to ensure that time-critical aspects can be handled in time. Once identification is done, ensuring that the responsible persons become aware and deal with the event within a reasonable time frame is necessary. Furthermore, if the event affects multiple different persons, or management also include coordinating communication is a important part of event management. Finally, if there are external (contractual or regulatory) reporting requirements, its important to ensure that these are also fulfilled in a professional way.
Requirements (must): Reported events are processed without undue delay.
An adequate reaction to reported security events is ensured.
Lessons learned are incorporated into continuous improvement.
Requirements (should): During processing, reported events are categorized (e.g. by responsibility into personnel, physical and cyber), qualified (e.g. not security relevant, observation, suggested security improvement, security vulnerability, security incident) and prioritized (e.g. low, moderate, severe, critical).
Responsibilities for handling of events based on their category are defined and assigned. The following aspects are considered:
- Coordination of incidents and vulnerabilities across multiple categories
- Qualification and resources
- Contact mechanisms based on type and priority (e.g., non-time-critical communication, time-critical communication, emergency communication)
- Absence-management
A strategy for filing official reports and searching prosecution of potentially criminally relevant aspects of security incidents exists. (C, I, A)
Objective: Once security events are reported, it is vital that the handling of the events is managed. This means to ensure that the type and criticality of the reported event as well as the persons responsible are quickly identified to ensure that time-critical aspects can be handled in time. Once identification is done, ensuring that the responsible persons become aware and deal with the event within a reasonable time frame is necessary. Furthermore, if the event affects multiple different persons, or management also include coordinating communication is a important part of event management. Finally, if there are external (contractual or regulatory) reporting requirements, its important to ensure that these are also fulfilled in a professional way.
Requirements (must): Reported events are processed without undue delay.
An adequate reaction to reported security events is ensured.
Lessons learned are incorporated into continuous improvement.
Requirements (should): During processing, reported events are categorized (e.g. by responsibility into personnel, physical and cyber), qualified (e.g. not security relevant, observation, suggested security improvement, security vulnerability, security incident) and prioritized (e.g. low, moderate, severe, critical).
Responsibilities for handling of events based on their category are defined and assigned. The following aspects are considered:
- Coordination of incidents and vulnerabilities across multiple categories
- Qualification and resources
- Contact mechanisms based on type and priority (e.g., non-time-critical communication, time-critical communication, emergency communication)
- Absence-management
A strategy for filing official reports and searching prosecution of potentially criminally relevant aspects of security incidents exists. (C, I, A)
In Cyberday, requirements and controls are mapped to universal tasks. A set of tasks in the same topic create a Policy, such as this one.
In Cyberday, requirements and controls are mapped to universal tasks. Each requirement is fulfilled with one or multiple tasks.
When building an ISMS, it's important to understand the different levels of information hierarchy. Here's how Cyberday is structured.
Sets the overall compliance standard or regulation your organization needs to follow.
.svg)
.svg)
.svg)
Break down the framework into specific obligations that must be met.
.svg)
Concrete actions and activities your team carries out to satisfy each requirement.
Documented rules and practices that are created and maintained as a result of completing tasks.
