The incident management process of an organization enables them to prepare for and respond to information security incidents. In addition, the organization has procedures in place for assessing information security events. According to ISO/IEC 27001, what else must an incident management process include?
The answer here is A A. Processes for using knowledge gained from information security incidents AKA Lessons learnt 5.24 Information security incident management planning and preparation h. identification of lessons learned and any improvements to the incident management procedures or information security controls in general that are required. B. Establishment of two information security incident response teams Only need one C. Processes for handling information security incidents of suppliers as defined in their agreements This is part of the supplier clauses