ISO/IEC 27035-1 Revised
ISO/IEC 27035-1:2016
Information technology - Security techniques - Information security incident management - Part 1: Principles of incident management
ISO/IEC 27035-1:2016 is the foundation of this multipart International Standard. It presents basic concepts and phases of information security incident management and combines these concepts with principles in a structured approach to detecting, reporting, assessing, and responding to incidents, and applying lessons learnt.
The principles given in ISO/IEC 27035-1:2016 are generic and intended to be applicable to all organizations, regardless of type, size or nature. Organizations can adjust the guidance given in ISO/IEC 27035-1:2016 according to their type, size and nature of business in relation to the information security risk situation. It is also applicable to external organizations providing information security incident management services.
The principles given in ISO/IEC 27035-1:2016 are generic and intended to be applicable to all organizations, regardless of type, size or nature. Organizations can adjust the guidance given in ISO/IEC 27035-1:2016 according to their type, size and nature of business in relation to the information security risk situation. It is also applicable to external organizations providing information security incident management services.
CHFÂ 65.-
A more recent version of this publication exists:
ISO/IEC 27035-1:2023
Technical committee
ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protectionKeywords
Cyber security - Smart city| Publication type | International Standard |
| Publication date | 2016-10-28 |
| Edition | 1.0 |
| ICS | 35.030 |
| Withdrawal date | 2023-02-13 |
| Pages | 21 |
| File size | 1.82 MB |