Professional Documents
Culture Documents
Processus de Gestion Des Incidents
Processus de Gestion Des Incidents
Crisis handling
User/ Point of contact Internal ISIRT function,
Source (24h x 7d) (on call) including External
ISIRTs
Detection
Reporting
Contact NO
point
exists?
YES
Information Information
Collection Collection
Assessment Assessment
YES
Possible
information
security
incident?
Confirmed
NO NO information
security
incident?
YES
Response
Immediate
Response
Incident under NO
control?
YES
Response to
Later Response
Crisis situation
Digital evidence
Collection
Communication
Reduction
of
false alarm
Review
Improve
NOTE False alarm is an indication of a reported event that is found not to be real or of any consequence.