Annex A 5.28 - Collection of Evidence

The organization shall establish and implement procedures for the identification, collection, acquisition and preservation of evidence related to information security events.

Last updated