What is EN ISO 27035-1:2018 ?

EN ISO 27035-1:2018 and EN ISO 27036-2:2018 are both international standards that provide guidelines for managing information security incidents and supplier relationships, respectively.

EN ISO 27035-1:2018, also known as "Information technology — Security techniques — Information security incident management", is an international standard that provides guidelines for organizations to establish a structured and systematic approach to incident management. The main purpose of EN ISO 27035-1:2018 is to help organizations detect, report, assess, and respond to information security incidents, thereby minimizing the impact on the organization's operations and reputation.

EN ISO 27036-2:2018, on the other hand, is an international standard that provides guidance on information security for supplier relationships. It is part of the ISO/IEC 27000 series, which are a set of global standards for managing information security. The primary purpose of EN ISO 27036-2:2018 is to assist organizations in effectively managing the risks associated with information security when engaging with external suppliers.

The key components of EN ISO 27035-1:2018 and EN ISO 27036-2:2018 include the following:

* A structured and systematic approach to incident management

* The establishment of policies and procedures for incident management

* The identification of potential incidents and the definition of reporting requirements

* The implementation of incident management processes and the management of incidents

* The documentation of incident management activities and the tracking of incidents

* The communication of incident information to stakeholders and the management of incident communication

* The assessment of incident management effectiveness and the identification of areas for improvement.

In conclusion, EN ISO 27035-1:2018 and EN ISO 27036-2:2018 are both important international standards that provide organizations with guidelines for managing information security incidents and supplier relationships. By implementing these standards, organizations can minimize the impact of information security incidents on their operations and reputation and ensure the security of their information throughout the supply chain.