Reporting information security events and weaknesses

Objective: To ensure information security events and weaknesses associated with information systems are communicated in a manner allowing timely corrective action to be taken.

An effective and efficient incident management system for information security incidents must be implemented with appropriate escalation processes.

Reporting information security events

Information security incidents should be reported as quickly as possible through the appropriate management channels.

Reporting of security weaknesses

All users of organisational information processing systems should be educated to note and report suspected security weaknesses, but they should not seek to exploit them to prove the weakness.

An Introduction To Information, Network and Internet Security
Reporting information security events and weaknesses Objective: To ensure information security events and weaknesses associated with information systems are communicated in a manner allowing timely corrective action to be taken. An effective and efficient incident management system for information security incidents must be implemented with appropriate escalation processes. Reporting information security events Information security incidents should be reported as quickly as possible through the appropriate management channels. Reporting of security weaknesses All users of organisational information processing systems should be educated to note and report suspected security weaknesses, but they should not seek to exploit them to prove the weakness.	The Security Practitioner An Introduction to Information Security
Return To An Introduction to Information Security