Ver:
Procesos para
la detección, notificación, evaluación, respuesta, tratamiento, y aprendizaje
de incidentes de seguridad de información. [UNE-ISO/IEC 27000:2014]
Plan de acción para atender a los incidentes que se den. Además de resolverlos debe incorporar medidas de desempeño que permitan conocer la calidad del sistema de protección y detectar tendencias antes de que se conviertan en grandes problemas. [ENS:2010]
(Operación del Servicio) Proceso responsable de la gestión del Ciclo de vida de todos los Incidentes. El objetivo primario de la Gestión de Incidencias es recuperar el Servicio de TI para los Usuarios lo antes posible. [ITIL:2007]
processes for
detecting, reporting, assessing, responding to, dealing with, and learning from
information security incidents [ISO/IEC 27000:2014]
The documentation
of a predetermined set of instructions or procedures to detect, respond to, and
limit consequences of an incident against an organizations IT systems(s).
[CNSSI_4009:2010]
(Service
Operation) The Process responsible for managing the Lifecycle of all Incidents.
The primary Objective of Incident Management is to return the IT Service to
Users as quickly as possible. [ITIL:2007]
clearly defined
and documented plan of action for use at the time of an incident, typically
covering the key personnel, resources, services and actions needed to implement
the incident management process. [BS25999-1:2006]
the formal
process of responding to and dealing with information security events and
incidents. [ISO-18028-1:2006] [ISO-18044:2004]
The documentation
of a predetermined set of instructions or procedures to detect, respond to, and
limit consequences of a malicious cyber attacks against an organizations IT
systems(s). [NIST-SP800-34:2002]
Incident Handling
is an action plan for dealing with intrusions, cyber-theft, denial of service,
fire, floods, and other security-related events. It is comprised of a six step
process: Preparation, Identification, Containment, Eradication, Recovery, and
Lessons Learned.
http://www.sans.org/security-resources/glossary-of-terms/
The ability to
deliver the event or set of events to an incident management system or a
HelpDesk system to resolve and track incidents.
http://www.symantec.com/avcenter/refa.html
The sequence of
phases that a security event goes through from the time it is identified as a
security compromise or incident to the time it is resolved and reported.
http://www.symantec.com/avcenter/refa.html
(Exploitation de Services) Processus en charge de la gestion du cycle de vie de tous les incidents. Lobjectif principal de la Gestion des incidents est de rendre le service des TI aux utilisateurs aussi rapidement que possible. [ITIL:2007]
Temas relacionados