Those procedures are pretty easy to develop because the remainder of this Annex A control spells them out. The procedures for incident, event and weakness response planning will need to be clearly defined in advance of an incident occurring and been approved by your leadership. A weakness is also a common risk management or improvement opportunity. A weakness is that the window is easily broken or old and could be an obvious place for break-in. An example is where a window was left open and a thief stole an important file sitting on the desk…….Following that thread, an event is where the window was left open but nobody stole the file. In simple terms an incident is where some form of loss has occurred around confidentiality, integrity or availability. A good control describes how management establish responsibilities and procedures in order to ensure a quick, effective and orderly response to address weaknesses, events and security incidents.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |