Information technology - Security techniques - Guidance on assuring suitability and adequacy of incident investigative method

The information about the standard:

Designation standards: ISO/IEC 27041-ed.1.0
Publication date standards: 19.6.2015
The number of pages: 18
Approximate weight : 54 g (0.12 lbs)
Country: International technical standard
Kategorie: Technické normy ISO

Annotation of standard text ISO/IEC 27041-ed.1.0 :

ISO/IEC 27041:2015 provides guidance on mechanisms for ensuring that methods and processes used in the investigation of information security incidents are "fit for purpose". It encapsulates best practice on defining requirements, describing methods, and providing evidence that implementations of methods can be shown to satisfy requirements. It includes consideration of how vendor and third-party testing can be used to assist this assurance process. This document aims to ? provide guidance on the capture and analysis of functional and non-functional requirements relating to an Information Security (IS) incident investigation, ? give guidance on the use of validation as a means of assuring suitability of processes involved in the investigation, ? provide guidance on assessing the levels of validation required and the evidence required from a validation exercise, ? give guidance on how external testing and documentation can be incorporated in the validation process. LISO/IEC 27041:2015 fournit des preconisations concernant les mecanismes visant a garantir que les methodes et processus utilises dans linvestigation des incidents de securite de linformation sont «en adequation avec lapplication visee». Elle englobe les pratiques dexcellence sur la definition des exigences, la description des methodes et lattestation que les mises en ?uvre des methodes satisfont aux exigences. Elle prend en compte les modalites dutilisation des essais menes par le fournisseur et les tierces parties pour contribuer a ce processus de garantie dadequation. LISO/IEC 27041:2015 vise a: - fournir des preconisations concernant la collecte et lanalyse des exigences fonctionnelles et non fonctionnelles liees a une investigation sur un incident de securite de linformation (IS); - fournir des preconisations concernant lusage de la validation comme une garantie daptitude a lemploi des processus sollicites par linvestigation; - fournir des preconisations concernant levaluation des niveaux de validation requis et les preuves exigees sur un exercice de validation; - fournir des preconisations concernant lintegration des essais et documentations externes au processus de validation.