πΌ A.16.1.6 Learning from information security incidents
- Contextual name: πΌ A.16.1.6 Learning from information security incidents
- ID:
/frameworks/iso-iec-27001-2013/16/01/06 - Located in: πΌ A.16.1 Management of information security incidents and improvements
Descriptionβ
Knowledge gained from analysing and resolving information security incidents shall be used to reduce the likelihood or impact of future incidents.
Similarβ
- Internal
- ID:
dec-c-4c1cb4c0
- ID:
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST CSF v1.1 β πΌ DE.DP-5: Detection processes are continuously improved | 14 | 16 | ||
| πΌ NIST CSF v1.1 β πΌ ID.RA-4: Potential business impacts and likelihoods are identified | 7 | 7 | ||
| πΌ NIST CSF v1.1 β πΌ PR.IP-7: Protection processes are improved | 2 | |||
| πΌ NIST CSF v1.1 β πΌ PR.IP-8: Effectiveness of protection technologies is shared | 7 | 7 | ||
| πΌ NIST CSF v1.1 β πΌ RC.IM-1: Recovery plans incorporate lessons learned | ||||
| πΌ NIST CSF v1.1 β πΌ RC.IM-2: Recovery strategies are updated | ||||
| πΌ NIST CSF v1.1 β πΌ RS.AN-2: The impact of the incident is understood | ||||
| πΌ NIST CSF v1.1 β πΌ RS.IM-1: Response plans incorporate lessons learned | ||||
| πΌ NIST CSF v1.1 β πΌ RS.IM-2: Response strategies are updated |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|