When to use this
Practical use
Use this as a working artifact. Fill it with real owners, dates, decisions, evidence locations, and review status.
Use this to record reported information security events and the decision on whether each event is an information security incident.
Register
| Event ID | Date/time reported | Reporter | Point of contact | Event description | Impact assessment | Category | Incident? | Decision justification | Triage deadline | Escalated to | Evidence link |
|---|---|---|---|---|---|---|---|---|---|---|---|
| EVT-0001 | TBD |
Related notes
- Template
- Iso27001
- Incident management
Note Metadata
Aliases: Incident Classification Register
Source: 90 Templates/Event Triage and Incident Classification Register.md
Related Notes
- ISO 27001 A.5.24 - Information Security Incident Management Planning and Preparation
- ISO 27001 A.5.25 - Assessment and Decision on Information Security Events
- A.5.25 Audit Evidence Pack
- A.5 Organizational Controls Implementation Guide
- ISO27001-A.5.25 Assessment and Decision on Information Security Events
- ISO 27002 Annex A Control Interpretation Map
- Templates MOC