Information technology - Security techniques - Guidance on assuring suitability and adequacy of incident investigative method
NORM herausgegeben am 1.1.2017
Bezeichnung normen: ČSN EN ISO/IEC 27041
Zeichen: 369850
Katalog-Nummer: 500977
Ausgabedatum normen: 1.1.2017
Zahl der Seiten: 36
Gewicht ca.: 108 g (0.24 Pfund)
Land: Tschechische technische Norm
Kategorie: Technische Normen ČSN
This International Standard provides guidance on mechanisms for ensuring that methods and processes used in the investigation of information security incidents are "fit for purpose". It en-capsulates best practice on defining requirements, describing methods, and providing evidence that implementations of methods can be shown to satisfy requirements. It includes consideration of how vendor and third-party testing can be used to assist this assurance process. This do-cument aims to
- provide guidance on the capture and analysis of functional and non-functional requirements relating to an Information Security (IS) incident investigation,
- give guidance on the use of validation as a means of assuring suitability of processes involved in the investigation,
- provide guidance on assessing the levels of validation required and the evidence required from a validation exercise,
- give guidance on how external testing and documentation can be incorporated in the validation process