Incident Management

The incident management responsibilities of CISOs include:

  • Receive information about security incidents
  • Coordinate response to security incidents
  • Prepare evidence for legal action following an incident
  • Analyze incidents in order to prevent their recurrence
  • The ability to prepare for and respond to events that present a negative effect on our network
  • The goal is to limit (as much as possible) disruptions to the network and other business processes
  • Planning must be done well in advance
    • Incident Response Team selected and trained
    • Formal Policies and Procedures written and posted
    • Necessary Tools provided
    • Support from Senior Management

Source :
https://www.cybrary.it/notes/edronegroup/ciso/module-7-incident-management/
https://advisera.com/27001academy/knowledgebase/what-is-the-job-of-chief-information-security-officer-ciso-in-iso-27001