ISO/IEC 27035 provides the guidelines to plan and prepare for incident response. The guidelines are based on the "Information security incident management phases" model presented in ISO/IEC 27035 1. The sole purpose of incident management is to rapidly respond to unexpected security-breaches, aiming at controlling impacts within acceptable levels. Working as per this standard makes an organization prepared for the cyber-attacks that are likely to occur.
Abiding by this standard, our consultants devise an information security incident management policy for our clients and ensure commitment of top management. We also make sure that our tailor-made policies, including those pertaining to risk management, are being updated at both corporate level and employee levels in order to cater the needs of changing cyber environments.