ISO/IEC 27043 Incident investigation principles and processes

ISO/IEC 27043:2015 – Information technology — Security techniques — Incident investigation principles and processes

What is ISO/IEC 27043 standard?

ISO/IEC 27043 standard is intended to complement other standards and documents which regulate management of investigation.

It is a guide, lays down certain fundamental principles which are intended to ensure that tools, techniques, and methods can be selected appropriately and shown to be fit for purpose should the need arise.

ISO 27043 standard also intends to inform decision-makers that need to determine the reliability of digital evidence presented to them. It is applicable to organizations needing to protect, analyse, and present potential digital evidence. It is relevant to policy-making bodies that create and evaluate procedures relating to digital evidence, often as part of a larger body of evidence.

The most relevant of the ISO / IEC 27043 standards are:
– ISO/IEC 27041:2015 – Information technology — Security techniques — Incident investigation principles and processes – Guidance on assuring suitability and adequacy of incident investigative method – Guidance on how to ensure that methods and processes they met the requirements of the investigation and were tested accordingly.
– ISO/IEC 27042 – Information technology — Security techniques — Guidelines for the analysis and interpretation of digital evidence – Provides guidance on analyzing and interpreting potential digital evidence to identify and evaluate it, and to facilitate understanding of the incident.

We offer training, assistance in implementation and maintenance
and conducting audits of processes related to security incidents
information on compliance with ISO / IEC 27043
Incident investigation principles and processes.

Free quotation of ISO 27043

Steps of implementation ISO 27043 with IQME:

Step 1: Pre audit of ISO 27043 and implementation quotation
Step 2: Development of documentation of incident management processes in accordance with ISO / IEC 27043
Step 3: Training for Internal Auditors, Management and employees
Step 4: Implementation of documentation of incident management processes in accordance with ISO / IEC 27043
Step 5: Internal audits
Step 6: Corrective actions

IQME specialists will develop necessary documentation and forward you for acceptance.
You decide which implementation steps you would like to choose.