标准编号:ISO/IEC 27035-3:2020
中文名称:信息技术 信息安全事件管理 第3部分:ICT事件响应操作指南
英文名称:Information technology — Information security incident management — Part 3: Guidelines for ICT incident response operations
发布日期:2020-09
标准范围
This document gives guidelines for information security incident response in ICT security operations.
This document does this by firstly covering the operational aspects in ICT security operations from a
people, processes and technology perspective. It then further focuses on information security incident
response in ICT security operations including information security incident detection, reporting, triage,
analysis, response, containment, eradication, recovery and conclusion.
This document is not concerned with non-ICT incident response operations such as loss of paper-based
documents.
This document is based on the “Detection and reporting” phase, the “Assessment and decision” phase
and the “Responses” phase of the “Information security incident management phases” model presented
in ISO/IEC 27035-1:2016.
The principles given in this document are generic and intended to be applicable to all organizations,
regardless of type, size or nature. Organizations can adjust the provisions given in this document
according to their type, size and nature of business in relation to the information security risk situation.
This document is also applicable to external organizations providing information security incident
management services.
立即下载标准文件