BIZOPS-7 Security Incident Management Plan

What is BIZOPS-7 Security Incident Management Plan control?

A security incident management plan, or incident management policy, is the first step in building an incident program. TrustCloud gets you started with an out-of-the-box policy, but it is important to make this policy customized. As an organization, you must define what an incident is and the types of incidents that can occur in your environment. There is no right or wrong incident management policy, as each organization is unique.

Available tools in the marketplace

Tools

No tool recommendations are made for this section.

Available templates

TrustCloud has a curated list of templates, internally or externally sourced, to help you get started. Click on the link for a downloadable version:

• Incident Best Practice recommendation from NIST (National Institute of Standards and Technology)
• Incident Response Plan Template

Control implementation

NOTE: This control is 100% automated by TrustCloud. Upload your policy or leverage TrustCloud’s built-in policy to enjoy the benefits of automation.

To implement this control manually,

You need to document an incident management policy and procedures that include:

• Incident definition
• Incident identification
• Incident response team
• Incident analysis
• Incident containment/remediation
• Incident reporting
• Lessons learned

What evidence do auditors look for?

Most auditors, at a minimum, are looking for the below-suggested action:

1. Provide your incident management procedures.

Evidence example

For the suggested action, an example is provided below:

1. Provide your incident management procedures.

You can use the TrustCloud Incident Management Plan template.