标准摘要
[中文适用范围]: 此文档提供了多个组织协调处理信息安全事件的指南。它还讨论了外部合作对外部单个组织内部事件管理的影响,并为个体组织适应协调过程提供指导方针。此外,如果存在协调团队,则为该团队执行支持跨组织事件响应的协调活动提供了指导方针。 本文件中的原则是通用的,旨在适用于多个组织共同协作处理信息安全事件,无论其类型、规模或性质如何。各组织可以根据其业务类型、规模及其与信息安全风险状况的相关性调整本文档提供的指导。此外,参与合作伙伴关系的个体组织也适用此文档。 [外文原描述]: This document provides guidelines for multiple organizations handling information security incidents in a coordinated manner. It also addresses the impacts of external cooperation on the internal incident management of an individual organization and provides guidelines for an individual organization to adapt to the coordination process. Furthermore, it provides guidelines for the coordination team, if it exists, to perform coordination activities supporting the cross-organization incident response. The principles given in this document are generic and are intended to be applicable to multiple organizations to work together to handle information security incidents, regardless of their types, sizes or nature. Organizations can adjust the guidance given in this document according to their type, sizes and nature of business in relation to the information security risk situation. This document is also applicable to an individual organization that participates in partner relationships.
英文名称Information technology - Information security incident management - Part 4: Coordination