| Publication CODE |
Title |
| ISO/IEC 27041:2015 (2015-06) |
INFORMATION TECHNOLOGY -- SECURITY TECHNIQUES -- GUIDANCE ON ASSURING SUITABILITY AND ADEQUACY OF INCIDENT INVESTIGATIVE METHOD |
| |
| Price Excl. VAT |
Total number of pages, tables and drawings |
|
102.00 €
|
18 P.. |
Description
ISO/IEC 27041:2015 provides guidance on mechanisms for ensuring that methods and processes used in the investigation of information security incidents are fit for purpose . It encapsulates best practice on defining requirements, describing methods, and providing evidence that implementations of methods can be shown to satisfy requirements. It includes consideration of how vendor and third-party testing can be used to assist this assurance process. This document aims to - provide guidance on the capture and analysis of functional and non-functional requirements relating to an Information Security (IS) incident investigation, - give guidance on the use of validation as a means of assuring suitability of processes involved in the investigation, - provide guidance on assessing the levels of validation required and the evidence required from a validation exercise, - give guidance on how external testing and documentation can be incorporated in the validation process.
|
| Class |
C990
(IEC PUBLICATIONS IEC PUBLICATIONS)
|
| Status |
IEC PUBLICATION |
| Situation |
Currently active
|
|
| Committee |
ISO/IEC JTC 1/SC 27
IT SECURITY TECHNIQUES
|
| BEC Approval |
2015-06-19 |
| Registration |
158221 |
| ICS-Code (International Standards Classification) |
35.030
|
| NBN Status |
New |
|
| IEC publication date |
2015-06-19 |
|
