GB/T 20985.2-2020
Information technology—Security techniques—Information security incident management—Part 2: Guidelines to plan and prepare for incident response

GB/T 20985.2-2020
Standard No.
GB/T 20985.2-2020
Language
Chinese
Release Date
2020
Published By
国家市场监督管理总局、中国国家标准化管理委员会
Latest
GB/T 20985.2-2020
Scope
This part of GB/T 20985 is based on the "planning and preparation" phase and the "experience summary" phase of the "information security incident management phase" model given in GB/T 20985.1-2017. Guidelines for summarizing lessons learned and improving. Highlights of the "Plan and Prepare" phase include: — an information security incident management policy and top management commitment; — an information security policy to be updated at the corporate level as well as at the system, service and network levels, including information related to risk; management of relevant information security policies; — information security incident management plan; — establishment of an incident response team (IRT); — establishment of relationships and liaison with internal and external organizations; — technical and other aspects ( including organizational and operational support); — awareness education and training on information security incident management; — testing of information security incident management plans. The main points of the "experience summary" stage include: ——Summary of lessons learned; ——Summary and improvement of information security; ——Summary and improvement of information security risk assessment and management review results; ——Information security incident management Summary and improvement of the plan; — Evaluation of IRT performance and effectiveness. The principles given in this section are general and applicable to organizations of any type, size or nature. Organizations can adapt the guidance given in this section according to the type, size and nature of their business, and the associated information security risk profile. This section also applies to external organizations that provide information security incident management services.

GB/T 20985.2-2020 Referenced Document

  • GB/T 20985.1-2017 Information technology - Security techniques - Information security incident management - Part 1: Principles of incident management
  • GB/T 29246-2017 Information technology—Security techniques—Information security management systems—Overview and vocabulary

GB/T 20985.2-2020 history

  • 2020 GB/T 20985.2-2020 Information technology—Security techniques—Information security incident management—Part 2: Guidelines to plan and prepare for incident response

GB/T 20985.2-2020 -All Parts

GB/T 20985.1-2017 Information technology - Security techniques - Information security incident management - Part 1: Principles of incident management GB/T 20985.2-2020 Information technology—Security techniques—Information security incident management—Part 2: Guidelines to plan and prepare for incident response


Copyright ©2007-2023 ANTPEDIA, All Rights Reserved