Currently, there is an increase in the number of information security incidents around the world, both leading to large financial losses and damaging the reputation of organizations. The effective functioning of the information security management system and compliance with international information security standards will reduce the number of information security incidents and increase the level of organization security as a whole. The main guidance documents on incident management include:
ISO/IEC 27001:2005 Information security management system. Requirements. It is one of the fundamental standards in this field. It provides recommendations for the development, implementation, use and support of both information security management system as a whole, and approaches to the management of information security incidents.
ISO/IEC TR 18044:2004 Information security incident management. This document is intended for information security, information systems, services and networks unit managers and establishes recommendations for the management of information security incidents regarding the planning, use, and review process, as well as on this process improvement.
ISO/IEC 27035:2011 Information technology — Security techniques — Information security incident management. The standard covers the processes for managing information security events, incidents and vulnerabilities. It expands on the information security incident management section of ISO/IEC 27002.