See:
Processes for
the detection, reporting, assessment, response, handling, and learning
from information security incidents. [UNE-ISO/IEC 27000:2014]
Plan of action for handling the incidents that
occur. Besides resolving them, it must incorporate performance measures that make it
possible to know the quality of the protection system and to detect trends before
they turn into major problems. [ENS:2010]
(Service Operation) Process responsible for
managing the Lifecycle of all Incidents. The primary objective of
Incident Management is to restore the IT Service to Users as
soon as possible. [ITIL:2007]
processes for detecting,
reporting, assessing, responding to, dealing with, and learning from
information security incidents [ISO/IEC 27000:2014]
The documentation of a
predetermined set of instructions or procedures to detect, respond to, and
limit consequences of an incident against an organization’s IT system(s).
[CNSSI_4009:2010]
(Service Operation) The
Process responsible for managing the Lifecycle of all Incidents. The primary
Objective of Incident Management is to return the IT Service to Users as
quickly as possible. [ITIL:2007]
clearly defined and
documented plan of action for use at the time of an incident, typically
covering the key personnel, resources, services and actions needed to implement
the incident management process. [BS25999-1:2006]
the formal process of
responding to and dealing with information security events and incidents. [ISO-18028-1:2006]
[ISO-18044:2004]
The documentation of a
predetermined set of instructions or procedures to detect, respond to, and
limit consequences of malicious cyber attacks against an organization's IT
system(s). [NIST-SP800-34:2002]
Incident Handling is an action
plan for dealing with intrusions, cyber-theft, denial of service, fire, floods,
and other security-related events. It is comprised of a six step process:
Preparation, Identification, Containment, Eradication, Recovery, and Lessons
Learned.
http://www.sans.org/security-resources/glossary-of-terms/
The ability to deliver the
event or set of events to an incident management system or a HelpDesk system to
resolve and track incidents.
http://www.symantec.com/avcenter/refa.html
The sequence of phases that
a security event goes through from the time it is identified as a security
compromise or incident to the time it is resolved and reported.
http://www.symantec.com/avcenter/refa.html
(Service
Operation) Process in charge of managing the lifecycle of all
incidents. The main objective of Incident Management is to return the
IT service to users as quickly as possible. [ITIL:2007]