Guest
IS Incident Management Procedures
Hi Dejan,
I am actually drafting some ISO 27001 mandatory procedures,
Regarding the Information Security Incident Management Procedures, I have noticed that there is 3 procedures :
- Reporting IS weaknessess & Events
- Responding to IS Reports
- Collection of evidences
Can I decscribe all this procedures in one general procedure "Information Security Incident Management Procedure" or I should build each procedure separatelty, what is the most convenient?
Thanks in advance
Assign topic to the user
EU GDPR & ISO 27001 INTEGRATED DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
EU GDPR & ISO 27001 INTEGRATED DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
EU GDPR & ISO 27001 INTEGRATED DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
Kaoutar,
Yes, you can place all these procedures in one single document - this is the most convenient. This is exactly how our Incident Management Procedure is structured: https://advisera.com/27001academy/documentation/incident-management-procedure/
Comment as guest or Sign in
Jan 12, 2016
Jan 12, 2016
Jan 12, 2016