All security incidents are addressed in a consistent manner to improve security based on what has happened.
In the incident treatment process:
The organization shall establish a incident response plan for security incidents to critical information systems. Response plans should also be tested by the necessary organizational elements. The plan should take into account at least:
In addition, the plan should at least:
The organization has defined a process and the team involved in responding promptly to security incidents and deciding on the appropriate actions.
The first level response process includes at least: