| Artifact: Incident description |
 |
 |
|
Purpose
| To describe when an event or a set of events can be considered as an incident |
Relationships
| Roles | Responsible: | Modified By: |
|---|---|---|
| Tasks | Input To: | Output From: |
Description
| Main Description | The organization must define when an event can be considered a security incident. Different metrics can be considered, such as impact, sensitivity of the assets involved, or downtime required for maintenance. |
|---|