Disaster vs. Incident
Assign topic to the user
Answer:
The difference is that an incident is a situation that might be, or could lead to a disruption, or a loss, or in a situation of emergency or crisis, while a disaster always is a situation that implies a serious damage to the organization.
From the perspective of business continuity, the difference between incident and a disaster is in timing - if the duration of the incident is short, then this is just an incident; if it lasts longer, then it could become a disaster
An example of incident can be the interruption of communications in the organization (for example you do not have Internet), while an example of disaster can be an earthquake, or a fire, or a flood, etc.
And, an incident can result in a disaster, for example, if you detect a fire in an information system, it can be notified as incident, but it can also result in a disaster (it the fire spreads to all the organization).
Regarding the information security incidents, this article can be interesting for you “How a change in thinking can stop 59% of security incidents” : https://advisera.com/27001academy/blog/2015/02/16/change-thinking-can-stop-59-security-incidents/
And also this article “How to handle incidents according to ISO 27001 A.16” : https://advisera.com/27001academy/blog/2015/10/26/how-to-handle-incidents-according-to-iso-27001-a-16/
And I think can this document can also help you because gives you information about examples of disruptive incidents scenarios “Examples of Disruptive Incident Scenarios” : https://advisera.com/27001academy/documentation/examples-of-disruptive-incident-scenarios/
Comment as guest or Sign in
Apr 16, 2016