GB/T 20985.2-2020 Active National standards

GB/T 20985.2-2020 Information technology—Security techniques—Information security incident management—Part 2:Guidelines to plan and prepare for incident response

Publish Date: 2020-12-14 Implement Date: 2021-07-01 For services related to genuine standard inquiry, procurement, translation, and other related services in China, please Contact Us

Basic Information

Standard Code: GB/T 20985.2-2020

Standard Type: National standards

Standard Status: Active

is_force_gb: no

CCS Name: Data encryption

ICS Name: Character sets and information encoding

Publish Date: 2020-12-14

Implement Date: 2021-07-01

Pages: 50 pages

Scope

This part of GB/T 20985 is based on the "Planning and Preparation" phase and the "Lessons Learned" phase of the "Information Security Incident Management Phases" model given in GB/T 20985.1—2017, and provides guidelines for planning and preparing for incident response, as well as summarizing lessons learned and making improvements after an incident.
The key points of the "Planning and Preparation" phase include:
——Information security incident management strategies and the commitment of top management;
——Updating information security strategies at the company level and at the system, service, and network levels, including those related to risk management;
——An information security incident management plan;
——Establishing an incident response team (IRT);
——Establishing relationships and contacts with internal and external organizations;
——Providing technical and other support (including organizational and operational aspects);
——Awareness education and training in information security incident management;
——Testing the information security incident management plan.
The key points of the "Lessons Learned" phase include:
——Summarizing lessons learned;
——Summarizing and improving information security;
——Summarizing and improving the results of risk assessment and management reviews for information security;
——Summarizing and improving the information security incident management plan;
——Evaluating the performance and effectiveness of the IRT.
The principles presented in this part are universal and applicable to organizations of any type, size, or nature. Organizations can adjust the guidelines provided in this part based on the type, size, and nature of their business and the associated information security risk situation. This part is also applicable to external organizations that provide information security incident management services.

Development Information

Word Count: 93 Thousand words Pages: 50 pages

Referenced Standards

GB/T 20985.1-2017 Information technology—Security techniques—Information security incident management—Part 1:Principles of incident management GB/T 29246-2017 Information technology—Security techniques—Information security management systems—Overview and vocabulary

Adopt standards

ISO/IEC 27035-2:2016

Related Standards

GB/T 2312-1980 Active

GB/T 2312-1980 Code of Chinese graphic character set for information interchange—Primary set

Publish Date: 1980-03-09

GB/T 1989-1980 Active

GB/T 1989-1980 Methods for indication of the 7-bit encoding character set for information processing switching on 12.7mm magnetic tape

Publish Date: 1980-07-10

GB/T 1991-1980 Abolished

GB/T 1991-1980 Methods for expression of the 7-bit encoding character set for information processing exchange on perforated paper tape

Publish Date: 1980-07-10

GB/T 3236-1982 Abolished

GB/T 3236-1982 Implementation of 7-bit and 8-bit coded character sets for information processing interchange on punched paper cards

Publish Date: 1982-11-16

GB/T 3469-1983 Replaced

GB/T 3469-1983 Codes for documentary types and documentary carriers

Publish Date: 1983-01-29

GB/T 3911-1983 Active

GB/T 3911-1983 Graphical representations of the control characters of 7-bit coded character set for information processing

Publish Date: 1983-11-02