T8.1.1 - INFORMATION SECURITY INCIDENT MANAGEMENT POLICY Implementation Guidance
The entity shall establish a policy to manage and guide the response to information security incidents.
Back to T8.1.1 - P2 - INFORMATION SECURITY INCIDENT MANAGEMENT POLICY
Critical entities shall also take into account any other relevant NESA issuances, guidance, and activities in this regard (refer also to the National Cyber Response Framework).
The information security incident management policy facilitates the implementation of the associated controls to ensure an appropriate reaction to any actual or suspected security incidents relating to information assets. In addition to the required sub-controls, the policy can contain, for example:
- A. Incident classification
- B. Procedure for reporting information security events or weaknesses
- C. Procedure for incident handling
The information systems acquisition, development and maintenance policy can be included as part of the general information security policy, in a single policy document, or can be represented by multiple policies reflecting the complex nature of certain entities.