Security incidents can impose significant costs on an organization. Examine how incidents are logged, analyzed, and documented, as well as techniques for responding to and recovering from information security incidents.
Learning Objectives
CISM: Information Security Incident Management Part 2
- describe incident reporting requirements and procedures
- define post-incident review practices and investigations
- quantify damages, costs and business impacts
- detect, log, analyze and document events
- classify resources for investigation of incidents
- identify impact of changes to the environment
- know techniques to test the incident response plan
- specify regulatory, legal and organization requirements
- define KPIs and metrics to evaluate the response plan
- define InfoSec management