💼 A.16.1.6 Learning from information security incidents
- Contextual name: 💼 A.16.1.6 Learning from information security incidents
- ID:
/frameworks/iso-iec-27001-2013/16/01/06 - Located in: 💼 A.16.1 Management of information security incidents and improvements
Description​
Knowledge gained from analysing and resolving information security incidents shall be used to reduce the likelihood or impact of future incidents.
Similar​
- Internal
- ID:
dec-c-4c1cb4c0
- ID:
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 NIST CSF v1.1 → 💼 DE.DP-5: Detection processes are continuously improved | 13 | 15 | ||
| 💼 NIST CSF v1.1 → 💼 ID.RA-4: Potential business impacts and likelihoods are identified | 7 | 7 | ||
| 💼 NIST CSF v1.1 → 💼 PR.IP-7: Protection processes are improved | 2 | |||
| 💼 NIST CSF v1.1 → 💼 PR.IP-8: Effectiveness of protection technologies is shared | 6 | 6 | ||
| 💼 NIST CSF v1.1 → 💼 RC.IM-1: Recovery plans incorporate lessons learned | ||||
| 💼 NIST CSF v1.1 → 💼 RC.IM-2: Recovery strategies are updated | ||||
| 💼 NIST CSF v1.1 → 💼 RS.AN-2: The impact of the incident is understood | ||||
| 💼 NIST CSF v1.1 → 💼 RS.IM-1: Response plans incorporate lessons learned | ||||
| 💼 NIST CSF v1.1 → 💼 RS.IM-2: Response strategies are updated |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|