Investigating Cause and Impact of Information Security Incidents

Your investigation into an Information Security incident must identify its cause and appraise its impact on your systems or data. This will assist you in planning how to prevent a reoccurrence.

To view the related Policy click      

  • A recurrence of data loss / corruption during a particular phase of processing may be indicative of the inappropriate closure of a prior Information Security incident.

  • Test patches or fixes to software thoroughly so that an Information Security incident, once identified, cannot occur again.
  • Log known Information Security weaknesses (and any resulting incident) so that similar occurrences can be identified easily. The log should detail both successful and failed attempts to close Information Security incidents. This can be useful for assessing techniques employed during other investigations.
  • Your impact analysis of Information Security incidents should consider (but not be limited to) :-
  1. System downtime.
  2. Number of users effected.
  3. Monetary loss incurred.
  4. Reputation loss incurred.
  5. Client losses (monetary, reputation etc.)


  • You may need to call in a specialist team to assist in the analysis, particularly if the incident had far reaching effects.
Previous PageTop of this pageNext Page

Information Security Policies from US$595


Use of the guidance contained within RUSecure™ is subject to the End User Licence Agreement
This site created with EasyHTMLHelp(tm) for MS Word


Next PageUpPrevious Page