Expert Advice Community

Home / ISO 27001 & 22301 / Practice for collection of evidence

Guest

Practice for collection of evidence

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   May 29, 2019 Last commented:   May 29, 2019

Practice for collection of evidence

ISO 27001 & 22301
I have a question about the method for incident management (paragraph 3.7 Collection of evidence). The rules for identification, collection and preservation of evidence - is there any template? (Couldn’t find one). If not would you mind sending me some information about the content of this document? We don’t know how to make the rules.
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.
Expert
Rhand Leal May 29, 2019

Answer:

ISO 27001 does not prescribe specific rules for evidence collection, and this is not a commonly used procedure, so we do not have an specific template, but these are good references you can look for to develop rules to your organization:
- SANS Digital Forensics and Incident Response Blog: https://digital-forensics.sans.org/blog/2009/09/12/best-practices-in-digital-evidence-collection/
- NIST Guide to Integrating Forensic Techniques into Incident Response: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-86.pdf

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

May 29, 2019

May 29, 2019

Suggested Topics
Sarah Created:   Aug 04, 2022 ISO 27001 & 22301
Replies: 1
0 1

Evidence of InfoSec Awareness Training
Guest user Created:   Feb 15, 2022 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 Internal Audit practice and tips