ISO 27001 · A.5 Organizational
A.5.24 Information security incident management planning and preparation
Plan and prepare for managing information security incidents by defining processes, roles and responsibilities.
Mapped across 13 provisions
Equivalent and related requirements in other frameworks and regulations.
- NIST 800-53 · Partial · Official mapping
Source: NIST SP 800-53 Rev. 5 / ISO/IEC 27001
IR-4 Incident handling
Incident response & breach notification
- DORA · Partial · Curated · Art. 17 ICT-related incident management process
Incident response & breach notification
- DORA · Partial · Curated · Art. 19 Reporting of major ICT-related incidents
Incident response & breach notification
- GDPR · Related · Curated · Art. 33 Notification of a personal data breach to the supervisory authority
Incident response & breach notification
- GLBA · Partial · Curated · §314.4(h) Incident response plan
Incident response & breach notification
- HIPAA · Partial · Curated · §164.308(a)(6) Security incident procedures
Incident response & breach notification
- HIPAA · Related · Curated · §164.404 Notification to individuals
Incident response & breach notification
- ISO 27001 · Partial · Curated · A.5.26 Response to information security incidents
Incident response & breach notification
- LGPD · Related · Curated · Art. 48 Communication of a security incident
Incident response & breach notification
- NIS2 · Partial · Curated · Art. 21(2)(b) Incident handling
Incident response & breach notification
- NIS2 · Partial · Curated · Art. 23 Reporting obligations
Incident response & breach notification
- NIST 800-171 · Partial · Curated · 3.6.1 Establish an incident-handling capability
Incident response & breach notification
- NIST 800-53 · Partial · Curated · IR-6 Incident reporting
Incident response & breach notification