What is the difference between an IR plan and an IR procedure for ISO 27001:2022? Or are they the same thing?
An Incident Response (IR) plan and an IR procedure are not the same thing in the context of ISO 27001:2022. An IR plan typically outlines the high-level approach and strategies for responding to information security incidents, while an IR procedure provides detailed step-by-step instructions on how to carry out specific actions during an incident. The plan sets the overall direction, while the procedure guides the actual implementation of incident response activities.