Find Resources and Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

Subscribe to this discussion

Audit Program for Incident Response

Hello, does any one have a link to a solid example of an Incident Response Audit Program? I found an ISACA one that's pretty detailed (http://www.isaca.org/knowledge-center/research/researchdeliverables/pages/security-incident-management-audit-assurance-program.aspx) but would like some additional resources as well. Thanks for any suggestions! Jeff
You must sign in to rate content.
(Unrated)

Comments

RE: Audit Program for Incident Response

I've used the ISACA one you mention and it's extremely good.   I found I just needed to ensure site specifics were incorporated (e.g., ensuring that workarounds provided for temporary resolution of incidents didn't constitute unacceptable deviation from a regulated business process).
Phil GreenInfluential at 1/1/2016 3:08:49 AM Quote
You must sign in to rate content.
(Unrated)

RE: Audit Program for Incident Response

Thanks Phil! Right now we are having some preliminary concerns that they don't have a documented response procedure (yikes). I appreciate your feedback.
Jeff MurfinSocial at 1/4/2016 7:18:38 PM Quote
You must sign in to rate content.
(Unrated)

RE: Audit Program for Incident Response

Jeff, You may also want to consult NIST http://www.nist.gov/cyberframework/ Their framework is cross-referenced to COBIT, ISO 27001, ISA, and others. Worth a look.
Yolanda BakerSocial at 1/28/2016 7:45:42 AM Quote
You must sign in to rate content.
(Unrated)

RE: Audit Program for Incident Response

Jeff, You may also want to consult NIST http://www.nist.gov/cyberframework/ Their framework is cross-referenced to COBIT, ISO 27001, ISA, and others. Worth a look.
Yolanda BakerSocial at 1/28/2016 7:45:42 AM Quote
You must sign in to rate content.
(Unrated)

RE: Audit Program for Incident Response

Thanks Phil! Right now we are having some preliminary concerns that they don't have a documented response procedure (yikes). I appreciate your feedback.
Jeff MurfinSocial at 1/4/2016 7:18:38 PM Quote
You must sign in to rate content.
(Unrated)

RE: Audit Program for Incident Response

I've used the ISACA one you mention and it's extremely good.   I found I just needed to ensure site specifics were incorporated (e.g., ensuring that workarounds provided for temporary resolution of incidents didn't constitute unacceptable deviation from a regulated business process).
Phil GreenInfluential at 1/1/2016 3:08:49 AM Quote
You must sign in to rate content.
(Unrated)

RE: Audit Program for Incident Response

I've used the ISACA one you mention and it's extremely good.   I found I just needed to ensure site specifics were incorporated (e.g., ensuring that workarounds provided for temporary resolution of incidents didn't constitute unacceptable deviation from a regulated business process).
Phil GreenInfluential at 1/1/2016 3:08:49 AM Quote
You must sign in to rate content.
(Unrated)

RE: Audit Program for Incident Response

Thanks Phil! Right now we are having some preliminary concerns that they don't have a documented response procedure (yikes). I appreciate your feedback.
Jeff MurfinSocial at 1/4/2016 7:18:38 PM Quote
You must sign in to rate content.
(Unrated)

RE: Audit Program for Incident Response

Jeff, You may also want to consult NIST http://www.nist.gov/cyberframework/ Their framework is cross-referenced to COBIT, ISO 27001, ISA, and others. Worth a look.
Yolanda BakerSocial at 1/28/2016 7:45:42 AM Quote
You must sign in to rate content.
(Unrated)

Leave a Comment

* required

You must login to leave a comment.