The organization should develop a method of logging Information Security incidents and following through with a cause analysis and a corrective action if it not doing so in another system.
Conformance1
Tools for conforming to standards, goals and processes
