ISO 27035 and incident management
Assign topic to the user
Answer: You can see ISO 27035 parts 1 and 2 as an additional deepening of the ISO 27002 recommendations regarding incident management (section 13), while part 3 will cover the effective incident response. So, these parts can be used regardless the publication of part 3
If you already have an implemented incident management process that fulfils your objectives, using the ISO 27035 parts 1 and 2 is optional, as a source of possible improvement opportunities. If you are in the process of implementing an incident management process ISO 27035 parts 1 and 2 can provide more recommendations than ISO 27002.
This article will provide you further explanation about incident management:
- ISO 27001 vs. ISO 27002 https://advisera.com/27001academy/knowledgebase/iso-27001-vs-iso-27002/
These materials wi ll also help you regarding incident management:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
Mar 03, 2017