Professional Documents
Culture Documents
Example Form For Information Security Event Report
Example Form For Information Security Event Report
3
Event numbers should be allocated by the organization’s ISIRT Manager.
D.4.2 Example form for information security incident report
4
Incident numbers should be allocated by the organization’s ISIRT Manager, and linked to the associated event numbers.
Information Security Incident Report Page 2 of 6
8. INFORMATION SECURITY INCIDENT CATEGORY
(Tick one, then complete related section below.)
8.1 Actual 8.2 Suspected
(incident has occurred) (incident thought to have occurred but not confirmed)
(One of) 8.3 Natural disaster (indicate threat types involved)
8.15 Others
(If not yet established whether incident belongs to the above category, tick here)
Specify:
Information Security Incident Report Page 4 of 6
9. COMPONENTS/ASSETS AFFECTED5
Components/ Assets Affected (Provide descriptions of the components/assets affected by or related to the incident,
(if any) including serial, license and version numbers where relevant.)
9.1 Information/Data
9.2 Hardware
9.3 Software
9.4 Communications
9.5 Documentation
9.6 Processes
9.7 Other
For each of the following indicate if relevant in the tick box, then against “value” record the level(s) of adverse business impact,
covering all parties affected by the incident, on a scale of 1 to 10 using the guidelines for the categories of: Financial
Loss/Disruption to Business Operations, Commercial and Economic Interests, Personal Information, Legal and Regulatory
Obligations, Management and Business Operations, and Loss of Goodwill. (See Annex C.3.2 for examples). Record the code letters
for the applicable guidelines against “Guideline”, and if actual costs are known, enter these against “cost”.
No Perpetrator
Specify:
(e.g. ‘no action’, ‘in-house action’, ‘internal investigation’, ‘external’ investigation by ...’)
(tick to indicate that the incident is considered Major or Minor, and include a short narrative to justify the conclusion
Major
Minor
(This detail to be completely by the relevant person with information security responsibilities, stating the actions required. As
relevant this may be adjusted by the organization's Information Security manager or other responsible official)
Other
Specify:
(This detail to be completely by the relevant person with information security responsibilities, stating the actions required. As
relevant this may be adjusted by the organization's Information Security manager or other responsible official)
Police Other
Specify:
21. SIGN-OFFS
2. Vulnerability Number6
3.1 Name
3.3 Organization 3.5 Telephone
Concerned
were to be Exploited
Exploited
5.9 Description in Narrative Terms of how Information Security Vulnerability has been Resolved,
with Date and Name of Person Authorising Resolution
YES NO