Security Incident Response Audit Checklist for ISO17799
Download Free Incident Response Audit Checklist
- Were the response efforts provided appropriate? Did the selected course of action work?
- Was there enough information available to analyze the incident? If not, what else would have helped and how could that have been obtained?
- Were all appropriate parties kept informed of the status of the incident response? Was the information flow sufficient?
- Which steps went well? Which steps could be improved?
- Did the incident-handling procedures cover all needed steps or requirements? What documentation was the most helpful? Least helpful?
- Have steps been taken to prevent a reoccurrence of the incident?
- Should anyone else be alerted to the vulnerability exploited, such as a vendor?
- Might other systems within the constituency be vulnerable to the same attack? If so, what steps can be taken to mitigate the risks to those systems?
- Can the vulnerability exploited be addressed in organizational security policies? Do any policies need to be rewritten?
- Are there any other lessons learned that should be documented or acted upon?
| Attachment | Size |
|---|---|
| incident-response-audit-checklist.jpg | 27.85 KB |
| incident-response-audit-checklist.pdf | 10.15 KB |
| incident-response-audit-checklist.xls | 14 KB |
- 1222 reads