
How to Audit Incident Management - Top 10 audit check points (2020)

  • 0:00 - 0:02
    Incident management involves returning
  • 0:02 - 0:03
    service
  • 0:03 - 0:06
    to normal as soon as possible after an
  • 0:06 - 0:07
    incident has occurred
  • 0:07 - 0:10
    in an organization. Hello and Welcome to
  • 0:10 - 0:12
    Information Security Governance
  • 0:12 - 0:15
    Risk and Compliance. My name is Salvadore
  • 0:15 - 0:15
    Vaz,
  • 0:15 - 0:17
    and today we will learn how to audit an
  • 0:17 - 0:19
    Incident management process
  • 0:19 - 0:22
    in an organization in 10 steps.
  • 0:22 - 0:25
    Let's get started.
  • 0:26 - 0:28
    Point # 1, check and verify if
  • 0:28 - 0:30
    there is an incident management policy
  • 0:30 - 0:31
    defined,
  • 0:31 - 0:33
    approved and reviewed regularly. Make
  • 0:33 - 0:34
    sure that it contains
  • 0:34 - 0:36
    incident response plans, rules and
  • 0:36 - 0:41
    responsibilities, escalation metrics, etc.
  • 0:42 - 0:44
    Point # 2. Check and verify if
  • 0:44 - 0:46
    security incidents and events are logged
  • 0:46 - 0:48
    to an SIEM solution,
  • 0:48 - 0:50
    and incident response and resolution is
  • 0:50 - 0:52
    defined and implemented. Also make sure
  • 0:52 - 0:54
    that the incident responders are
  • 0:54 - 0:55
    well trained to handle the incidents and
  • 0:55 - 0:57
    make sure that there is a way or
  • 0:57 - 0:58
    mechanism
  • 0:58 - 1:02
    to report incidents by employees.
  • 1:04 - 1:06
    Point # 3, check and verify if
  • 1:06 - 1:07
    the incidents are logged in an
  • 1:07 - 1:08
    application
  • 1:08 - 1:10
    for better tracking, ensure all the
  • 1:10 - 1:12
    details of the incidents are logged and
  • 1:12 - 1:14
    captured properly
  • 1:14 - 1:16
    and ensure if the organization has a
  • 1:16 - 1:17
    known error database
  • 1:17 - 1:20
    for easy reference.
  • 1:22 - 1:23
    Point # 4, make sure that the
  • 1:23 - 1:25
    incidents are evaluated
  • 1:25 - 1:28
    and analyzed on the criticality and
  • 1:28 - 1:30
    severity such as high,
  • 1:30 - 1:32
    medium or low.
  • 1:34 - 1:35
    Point # 5, check and verify if
  • 1:35 - 1:37
    the incidents are
  • 1:37 - 1:39
    prioritized based on the impact on the
  • 1:39 - 1:40
    organization
  • 1:40 - 1:42
    and adequate resources are aligned to
  • 1:42 - 1:45
    resolve it.
  • 1:46 - 1:48
    Point # 6, check and verify if the
  • 1:48 - 1:50
    incidents are followed up for updates
  • 1:50 - 1:53
    and closures and escalations are made if
  • 1:53 - 1:56
    necessary.
  • 1:57 - 2:00
    Point # 7, check and verify that
  • 2:00 - 2:01
    all the critical incidents
  • 2:01 - 2:06
    are reported to management, resolved and
  • 2:07 - 2:08
    closed.
  • 2:08 - 2:10
    Point # 8, check and verify the
  • 2:10 - 2:13
    time to respond and time to resolve
  • 2:13 - 2:15
    of a few sample incidents to check if
  • 2:15 - 2:18
    the SLAs are met.
  • 2:20 - 2:22
    Point # 9, check and verify if
  • 2:22 - 2:24
    all the evidences are collected and
  • 2:24 - 2:26
    stored in a secure place.
  • 2:26 - 2:28
    Additionally, check and verify if Root
  • 2:28 - 2:30
    Cause Analysis is performed of the
  • 2:30 - 2:31
    incidents
  • 2:31 - 2:32
    and learnings from the incidents are
  • 2:32 - 2:37
    derived for future reference.
  • 2:37 - 2:39
    And finally, point # 10, ensure the
  • 2:39 - 2:41
    compliance of regulatory or statutory
  • 2:41 - 2:42
    requirements
  • 2:42 - 2:44
    for reporting an incident or security
  • 2:44 - 2:46
    breach.
  • 2:46 - 2:47
    Do share the video and provide your
  • 2:47 - 2:51
    feedback. Thank you for watching!
Video Language:
English
Duration:
02:50
