🚨
← Back to Standards

ISO/IEC 27035

Information security incident management

Organization: ISO/IEC Category: Incident Management
1
Related Articles
2
Articles with Obligations
7
Key Sections
8
Coverage Areas

Overview

Provides guidelines for information security incident management, including preparation, detection, assessment, response, and lessons learned. Covers the complete incident lifecycle from planning to post-incident activities.

Applicability

Cybersecurity incident detection, response, and recovery

Relevance to General Data Protection Regulation (GDPR)

Key Coverage Areas

1
Incident management policy and planning
2
Incident detection and reporting
3
Incident assessment and classification
4
Incident response procedures
5
Communication during incidents
6
Evidence collection and preservation
7
Post-incident analysis
8
Lessons learned and improvement

Standard Sections & Chapters

5

Incident management planning

6

Detection and reporting

7

Assessment and decision

8

Responses

Part-1

Principles of incident management

Part-2

Guidelines to plan and prepare

Part-3

Guidelines for ICT incident response operations

Related General Data Protection Regulation (GDPR) Articles

Article 33: Notification of a personal data breach to the supervisory authority

View Article →
Sections: 6, 7, 8

Incident management process

Implementation Guidance:

Use ISO 27035 for breach detection, assessment, and reporting

Quick Information

Organization
ISO/IEC
Category
Incident Management
Certification
Not available

Related Pages

← All General Data Protection Regulation (GDPR) Standards View All Articles Compliance Guide
Get Implementation Help

🤝 Still Feeling Overwhelmed?

EU cybersecurity laws can be complex. Our free tools and guides work great for most people, but if you're dealing with something particularly challenging or have tight deadlines, we're here to help.

Talk to an expert → or Browse all our free resources →