MA – Incident Mgt
In Incident Management, normative documents are vital for establishing a structured and consistent approach to detecting, reporting, and responding to cybersecurity events. Standards such as ISO/IEC 27035 provide comprehensive guidance on preparing for incidents, defining roles and responsibilities, and coordinating responses, while NIST SP 800-61 Rev. 2 outlines best practices for handling computer security incidents in federal systems. Regulatory bodies like CISA in the U.S. and ENISA in Europe provide frameworks and alerts to support effective incident management, and directives such as EU NIS2 require organizations to implement formal processes for incident handling and reporting. Adhering to these normative documents ensures that organizations can respond swiftly, mitigate damage, and comply with legal and industry requirements.