Normal incident vs information security incident
Assign topic to the user
Answer:
The main difference between a normal incident and an information security incident is that the second is related to information security and can affect the confidentiality, integrity and availability of information, so for example, a virus can be an information security incident (because for example information can be disclosed), and a norm al incident can be that the printer is failing (it is not related to the information security).
Many companies define in their information security incident management procedure, what is an information security incident (virus, access problem to information, etc.). So, this can be a good recommendation for you.
This article can be interesting for you “How to handle incidents according to ISO 27001 A.16” : https://advisera.com/27001academy/blog/2015/10/26/how-to-handle-incidents-according-to-iso-27001-a-16/
And also this one “How a change in thinking can stop 59% of security incidents” : https://advisera.com/27001academy/blog/2015/02/16/change-thinking-can-stop-59-security-incidents/
And finally, our online course can be also interesting for you because we give more information about the information security incidents “ISO 27001:2013 Foundations Course” : https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
Aug 05, 2016