CIR Related Standards
Cyber Security Incident Reporting Template
1.0 Instructions
All entities must report a cyber security incident or breach to ______ on the day of the cyber security incident or breach.
Entities are required to complete and submit the form below via email to ______ at _________
The _____ may require the affected entities to submit a detailed report on the cyber security incident or the breach following the cyber security incident or breach reported.
Example of incident reporting
Contact Information |
|
Contact details of the responsible person |
|
Full name |
|
Position |
|
Office phone no. |
|
Mobile no. |
|
Email address |
|
Alternate contact person |
|
Full name |
|
Position |
|
Office phone no. |
|
Mobile no. |
|
Email address |
|
Entity details |
|
Entity name |
|
Entity address |
|
Type of entity (for example, financial institutions, participating organisations, exchange) |
|
Contact no. |
|
Email address |
|
Cyber Security Incident or breach details |
|
Date and time of incident or breach |
|
Details of a cyber security incident or breach (Method of the cyber security attack) (Duration of the cyber security attack) |
|
Impact to systems, assets or information |
|
Affected hardware |
|
Affected Software |
|
Affected operating system |
|
Impact to stakeholders |
|
Geographical location and IP address of the attacker |
|
Resolution of cyber security incident or breach |
|
What are immediate remedial actions taken to minimize and mitigate risks from the cyber security attack? |
|
What is the current status or resolution of this incident or breach? |
|
(Sekuriti, 2016)
ISO Standards Related to CIR
Do You Want to Continue BCM Training onsite or online?
Goh, M. H. (2017). A Manager's Guide to Business Continuity Management for Cyber Security Incidents, 2nd Edition. GMH Pte Ltd.
Reference: Chapter 11 Appendix 1: ISO 22301
Note: This version was the draft 2nd Edition being updated in 2023. The numeric in the square bracket [X-X] cross-refers to the actual chapter and section in the 1st Edition.