Appendix O: Sample Security Procedure

Procedure 3-7: Incident Response

Satisfies Security Requirements (National Institute of Standards and Technology Special Publication [NIST SP] 800-53): Controls IR-1 to IR-7

Responsibility for Implementation and Enforcement

  • Group name: IT Operations
  • Person’s name: Joe Doaks
  • Title: ABC System information system security officer (ISSO)
  • Phone: (123) 456-7890
  • E-mail: joe.doaks@xyz.com

References

XYZ Company Policy 37, Computer Incident Reporting

Applicability

A security incident occurs whenever XYZ Company information is compromised, when there is a risk of compromise of such information, when recurring or successful attempts to obtain unauthorized access to the ABC System are detected, or where misuse of ...

Get Official (ISC)2® Guide to the CAP® CBK®, 2nd Edition now with the O’Reilly learning platform.