Tools for conforming to standards, goals and processes
5.25 Assessment and decision on information security events
Agree on incident categorization and prioritization scheme, including criteria, assess events using scheme, personnel make decisions, record assessment results for future reference.