《ISO IEC 27035-2-2023.docx》由会员分享,可在线阅读,更多相关《ISO IEC 27035-2-2023.docx(16页珍藏版)》请在第壹文秘上搜索。
1、INTERNATIONA1.STANDARDISO/IEC27035-2editionSecond2023-02Informationtechno1.ogy一Informationsecurityincidentmanagement一fM*inestop1.anandprepareforincidentresponseTechno1.ogiesdeinformation-GestiondesincidentsdeSecUri整deinformationPartie2:1.ignesdirectricesPOUrPIanifieretpreparerUnereponseauxincidentsR
2、eferencenumberISO/IEC27035-2:2023(E)ISO/IEC2023COPYRIGHTPROTECTEDDOCUMENTISO/1EC2023IUirhM*hedbdi1.iUedotherwiseupdhi.o啪InPSd1.Mc;GeatrOn1.fifiU81.andonnet8CH-1214Vernier,GenevaPhone:M1.22749O1.11觥ftte:丽丽BQrgPub1.ishedinSwitzer1.andISO/IEC2023-A1.1.rightsreservedISO/IEC2023-A1.1.rightsreservedISO(th
3、eInternationa1.OrganizationforStandardization)andIEC(theInternationa1.E1.ectrotechnica1.membersofISOtheparticipateintheforwor1.dwideInternationa1.Nationa1.bodiesarecommitteesestab1.ishedbytherespectiveorganizationtodea1.withparticu1.arfie1.dsoftechnica1.activity.ISOandIECmitteesco1.1.aborateinfie1.d
4、sofmutua1.interest.Otherinternationa1.work.Theproceduresusedtodeve1.opthisdocumentandthoseintendedforitsfurthermaintenanceareforthetypesofdocument1.Inbenoted,thedifferentwascriteriaMC3damswiUJwdi1.oria1.“theISO/IECDirectives,Part2(seewww.iso.org/directivesorwww.iec.ch/members-experts/refdocs).Ofpate
5、ntrights.totheIECsha1.1.notbehe1.dthee1.ementsthisdocumentorbethepatentrights.Detai1.sofanypatentrightsidentifiedduringthedeve1.opmento3*d3um4mUw41.4MMntheIntroductionand/orontheISO1.istofPagntd*Em。晔3ved(seewww.iso.org/patents)ortheIECAnytradenameusedinthisdocumentisinformationgivenfortheconvenience
6、ofusersanddoesnotconstituteanendorsementForanre1.atedofthevo1.untarynatureofwe1.1.themeaningofISOISO*stermstoth。WokiTVadoQrganizatio科(WTO)princip1.esin出。Tzhnka1.BanfeuT11(TBT)seewww.iso.org/iso/forcword.htni1.IntheIEC,seewsv.iec.chundcrstanding-s1.andards.Thisdocument27,preparedbyTechnica1.Committee
7、privacyTC1,Thissecondeditioncance1.sandrep1.acesthefirstedition(ISO/IEC27035-2:2016),whichhasbeenThemainchangesareasfo1.1.ows: newro1.esinc1.udingincidentmanagementteamandincidentcoordinatorandtheirresponsibi1.itieshavebeenadded; contentonarecommendedprocessfororganizationshasbeenaddedin6.7; C.3hasb
8、eenrep1.acedbyasing1.eparagraph;A1.istofa1.1.partsintheISO/IEC27035seriescanbefoundontheISOandIECwebsites.AnyAOrIiStingofthirbodiescanbefoundatusersnationa1.www.iec.ch/nationa1.-committees.IntroductionThisdocumentfocusesoninformationsecurityincidentmanagementwhichisidentifiedinISO/IEC27000asoneofthe
9、critica1.successfactorsfortheinformationseritymanagementsystem.Therecanbea1.argegapbetweenanorganizationp1.anforanincidentandanorganizationpreparednessforanincident.Therefore,thisdocumentaddressesthedeve1.opmentofprocedurestoiHFI三怖蛉楞ihi三AOfb螂预酬艇ta4网iciesre0Rss侬州布i闱由麻ationm油瞰&nt,aswe1.1.astheprocessf
10、orestab1.ishingtheincidentresponseteamandimprovingitsperformanceovertimebyadopting1.essons1.earnedandbyeva1.uation.Informationtechno1.ogyInformationsecurityincidentmanagement一Guide1.inestop1.anandprepareforincidentresponse1Scopeinformationresponse.Theguide1.inesmanagementphasesHiode1.andpresentedISO
11、/IEC27035-1:2023,5.2andThemajorpointswithinthep1.anandprepare*phaseinc1.ude:Organizationa1.securityandpo1.iciesrinc1.udingandnetwork1.eve1.s;riskmanagement,updatedatboth IncidentManagementTeam(IMT)estab1.ishment; technica1.andOthersupport(inc1.udingorganizationa1.andoperationa1.support);ThewIcarn1.e
12、ssonsphaseinc1.udes: Identifyingandmakingnecessaryimprovements;regard1.essofgivensizethisdocumentorganizationsandintendedtheapp1.icab1.etoa1.1.organizations,Normativeservicesreferencesconstitutesrequirementsaredocument.Fordatedinreferences,on1.ySomeeditiona1.1.citedapp1.ies.contentISO/IECOverview1.n
13、formationvocabu1.arySecuritytechniques-informationsecuritymanagementb) IMTsandIRTsofexterna1.organizations;c) managedserviceproviders(inc1.udingte1.ecommunicationserviceproviders).ISPs,vendorsandsupp1.iers;d) 1.awenforcementorganizations;c)emergencyauthorities;0CERTsi)andCSIRTs,whereappropriate;g) a
14、ppropriategovernmentorganizations,ordataprotectionagency;h) 1.ega1.personne1.;i) pub1.icre1.ationsofficia1.sand/ormembersofthemedia;j) businesspartners;k) customers;i)genera1.pub1.ic;m)regu1.ators.9Definingtechnica1.andothersupport9.1 Genera1.NOTE1C1.ause9,initsentirety,1.inkstoISO/IEC27035-1:2023,5
15、.211.叭小沁博Cmhat赚n*w由Ujre1.*惘注地即世觥或级呼咏QM9b由e-AHinterna1.andexterna1.partiesforsupportandreportingshou1.dbedefinedandcommunicationchanne1.sandworkf1.owagreedupon.Theseactivitiesinc1.udethefo1.1.owing:1.ii!RStof1.frfonsorgfiW,1.setsw*v9f1.erjup-to-dateassetregisterandinformationdocumentedandpromu1.gatedcommunicationsprocessesinc1.
