Chat with Experta

User
What is the difference between an IR plan and an IR procedure for ISO27001:2022? Or are they the same thing?
Experta
An IR plan and an IR procedure are not the same thing in ISO 27001:2022. An IR plan refers to the overall strategy and approach for incident response, while an IR procedure is a documented set of steps and actions to be followed during an incident response.