Control objective: to ensure information security events and weaknesses associated with information systems are communicated in a manner allowing timely corrective action to be taken.
Information security events must be reported to the Information Security Manager as quickly as possible, as set out in DOC 13.1.
All employees, contractors and third-party users of information systems and services are required by DOC 13.1 to note and report to the Information Security Manager any actual or suspected weaknesses in Organizational systems or services.
Control objective: to ensure a consistent and effective approach is applied to the management of information security incidents.
Management responsibilities and procedures have been established in DOC 13.2 to ensure a quick, effective and orderly response to information security incidents that ensures appropriate corrective or preventative actions, restores normal operations as quickly as possible, and ensures that improvement opportunities are identified and acted upon.
DOC 13.2 requires the Information Security Manager to quantify and monitor the types, volumes and costs of information security incidents.
In all information security incidents, irrespective of whether or not a follow-up action against a person or organization involves legal action (either civil or criminal), evidence is collected, retained and presented as set out in DOC 13.5 to conform to the rules for evidence laid down in the laws of the Kingdom of Bahrain.
Adlin Hisyamuddin
Information Security Manager
____________________________
On:
08 November, 2007
____________________________
Change history
Issue 1 08 November, 2007 Initial issue