Home / ISO 27001 Glossary of Terms / Assessment And Decision On Information Security Events

Assessment And Decision On Information Security Events

13/09/2025

Author: Stuart Barker | ISO 27001 Expert and Thought Leader

Assessment and Decision on Information Security Events is a key control in the ISO 27001 standard. It deals with how an organisation handles security issues and decides what to do about them. This control is about having a plan for security events, which are things like a suspicious email, a strange network activity, or a user who can’t log in. It’s a way to make sure that when something happens, the organisation can quickly figure out if it’s a real problem and then decide how to fix it. This process helps to stop small issues from becoming big problems.

Examples

  • A suspicious email: A user gets an email that looks like it’s from their bank but has a strange link. This is a security event. The organisation’s plan should tell the user to report it and the security team how to check it out. They would then decide if it’s a phishing attempt and what to do next.
  • Failed login attempts: Someone tries to log in to a system many times with the wrong password. This is an event. The plan would say to look at the number of failed attempts and decide if it’s a simple user mistake or a possible brute-force attack.

Context

This control is important for keeping information safe. It makes sure that all security events are reviewed properly. It helps an organisation learn from past problems and make its security even better. By having a clear plan, the organisation can respond to threats quickly and in a way that is consistent every time. It’s a way to be ready for the unexpected and protect important information from being lost or stolen.

Relevant ISO 27001 Annex A Controls

The following controls from the ISO/IEC 27001:2022 standard are related to Assessment And Decision On Information Security Events:

About the author

Stuart Barker is an information security practitioner of over 30 years. He holds an MSc in Software and Systems Security and an undergraduate degree in Software Engineering. He is an ISO 27001 expert and thought leader holding both ISO 27001 Lead Implementer and ISO 27001 Lead Auditor qualifications. In 2010 he started his first cyber security consulting business that he sold in 2018. He worked for over a decade for GE, leading a data governance team across Europe and since then has gone on to deliver hundreds of client engagements and audits.

He regularly mentors and trains professionals on information security and runs a successful ISO 27001 YouTube channel where he shows people how they can implement ISO 27001 themselves. He is passionate that knowledge should not be hoarded and brought to market the first of its kind online ISO 27001 store for all the tools and templates people need when they want to do it themselves.

In his personal life he is an active and a hobbyist kickboxer.

His specialisms are ISO 27001 and SOC 2 and his niche is start up and early stage business.