Expert Advice Community

Handling accidents

Guest user. Created: Jun 08, 2023. Last commented: Jun 08, 2023.

Please advise me, which part speaks about how to handle things when an accident happens, accident management, how to lead workers, outsourced companies, firemen, etc.?

Expert
Rhand Leal Jun 08, 2023

According to ISO 27001, the following controls are related to incident management:

  • A.5.7 Threat intelligence
  • A.5.24 Information security incident management planning and preparation
  • A.5.25 Assessment and decision on information security events
  • A.5.26 Response to information security incidents
  • A.5.27 Learning from information security incidents
  • A.5.28 Collection of evidence
  • A.6.8 Information security event reporting

Please note that ISO 27001 does not prescribe details on how to manage incidents, only objectives that need to be achieved. For detailed guidance, you should look for ISO 27002, a non-mandatory supporting standard that provides explanations on the implementation of ISO 27001 Annex A controls.

To see what a document describing incident handling compliant with ISO 27001 looks like, please take a look at this demo: https://advisera.com/27001academy/documentation/incident-management-procedure/

For further information, see:

Please note that, even though this article is about the old 2013 revision of ISO 27001, the principles in the article are still valid.
