💼 A.16.1.6 Learning from information security incidents
- ID:
/frameworks/iso-iec-27001-2013/16/01/06
Description​
Knowledge gained from analysing and resolving information security incidents shall be used to reduce the likelihood or impact of future incidents.
Similar​
- Internal
- ID:
dec-c-4c1cb4c0
- ID:
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 NIST CSF v1.1 → 💼 DE.DP-5: Detection processes are continuously improved | 13 | 16 | no data | ||
| 💼 NIST CSF v1.1 → 💼 ID.RA-4: Potential business impacts and likelihoods are identified | 7 | 7 | no data | ||
| 💼 NIST CSF v1.1 → 💼 PR.IP-7: Protection processes are improved | 2 | no data | |||
| 💼 NIST CSF v1.1 → 💼 PR.IP-8: Effectiveness of protection technologies is shared | 6 | 7 | no data | ||
| 💼 NIST CSF v1.1 → 💼 RC.IM-1: Recovery plans incorporate lessons learned | no data | ||||
| 💼 NIST CSF v1.1 → 💼 RC.IM-2: Recovery strategies are updated | no data | ||||
| 💼 NIST CSF v1.1 → 💼 RS.AN-2: The impact of the incident is understood | no data | ||||
| 💼 NIST CSF v1.1 → 💼 RS.IM-1: Response plans incorporate lessons learned | no data | ||||
| 💼 NIST CSF v1.1 → 💼 RS.IM-2: Response strategies are updated | no data |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|