User
Which Annex A controls cover incident management?
Experta
ISO 27001 Annex A incident controls explain not only how to deal with incidents but also how to deal with threats, events, and security breaches.
These controls are important because if you aren’t prepared for incidents, chances are they will happen more often, it will be much harder to recover from them, and they will cost you much more. In other words, preparing for incidents reduces both the chances they will happen and their impact if they do happen.
The basic idea of managing information security weaknesses and events is to prevent incidents from happening in the first place. For example, if a company is aware of a new type of hacker attack and has inadequate controls for stopping such an attack, then it can implement additional controls to decrease the possibility of a successful attack.
ISO 27001 Annex A section A.5 and A.6 controls that cover incidents and security breaches are as follows:
- A.5.7 Threat intelligence
- A.5.24 Information security incident management planning and preparation
- A.5.25 Assessment and decision on information security events
- A.5.26 Response to information security incidents
- A.5.27 Learning from information security incidents
- A.5.28 Collection of evidence
- A.6.8 Information security event reporting