Exhibit 3.Areas of Concern and Supporting Departments
ISO 17799 SectionDescription
Group Responsible
6.3.1 Reporting of Security IncidentsImplement procedures and standards f
or formal reporting and incident
response action to be taken on receipt of an incident report.
Emergency Response
Team (ERT)
6.3.2 Reporting of Security WeaknessesImplement standards and procedures to ensure that users are aw
are of
the requirement to note and report all observed or suspected security
weaknesses in or threats to systems or services.
ERT
6.3.3 Reporting of Software MalfunctionsImplement standards and user training ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month, and much more.