Skip to content

Class: InformationSecurityEvent

An information security event per A.5.25, which may or may not be categorized as an incident.

URI: iso27001:InformationSecurityEvent

 classDiagram
    class InformationSecurityEvent
    click InformationSecurityEvent href "../InformationSecurityEvent/"
      NamedEntity <|-- InformationSecurityEvent
        click NamedEntity href "../NamedEntity/"

      InformationSecurityEvent : affected_assets





        InformationSecurityEvent --> "*" Asset : affected_assets
        click Asset href "../Asset/"



      InformationSecurityEvent : categorized_as_incident

      InformationSecurityEvent : created_date

      InformationSecurityEvent : description

      InformationSecurityEvent : event_datetime

      InformationSecurityEvent : event_description

      InformationSecurityEvent : id

      InformationSecurityEvent : initial_assessment

      InformationSecurityEvent : linked_incident





        InformationSecurityEvent --> "0..1" InformationSecurityIncident : linked_incident
        click InformationSecurityIncident href "../InformationSecurityIncident/"



      InformationSecurityEvent : modified_date

      InformationSecurityEvent : name

      InformationSecurityEvent : reporter

      InformationSecurityEvent : version

Inheritance

Slots

Name Cardinality and Range Description Inheritance
event_datetime 0..1
Datetime		 Date and time of the event direct
reporter 0..1
String		 Person who reported the event direct
event_description 0..1
String		 Description of the event direct
affected_assets *
Asset		 Assets affected by this risk or incident direct
initial_assessment 0..1
String		 Initial assessment of the event direct
categorized_as_incident 0..1
Boolean		 Whether the event was categorized as an incident direct
linked_incident 0..1
InformationSecurityIncident		 Linked incident if categorized direct
id 1
Uriorcurie		 Unique identifier for this entity instance NamedEntity
name 1
String		 Human-readable name or title NamedEntity
description 0..1
String		 Detailed description of the entity NamedEntity
created_date 0..1
Date		 Date when the entity was created NamedEntity
modified_date 0..1
Date		 Date when the entity was last modified NamedEntity
version 0..1
String		 Version identifier for the entity NamedEntity

In Subsets

Comments

  • Reference: ISO/IEC 27001:2022 Annex A control 5.25; ISO/IEC 27002:2022 Clause 5.25. ISO/IEC standards text is copyright ISO - not reproduced here.

Identifier and Mapping Information

Annotations

property value
annex_a_control 5.25

Schema Source

  • from schema: https://w3id.org/lmodel/iso27001

Mappings

Mapping Type Mapped Value
self iso27001:InformationSecurityEvent
native iso27001:InformationSecurityEvent

LinkML Source

Direct

name: InformationSecurityEvent
annotations:
  annex_a_control:
    tag: annex_a_control
    value: '5.25'
description: An information security event per A.5.25, which may or may not be categorized
  as an incident.
comments:
- 'Reference: ISO/IEC 27001:2022 Annex A control 5.25; ISO/IEC 27002:2022 Clause 5.25.
  ISO/IEC standards text is copyright ISO - not reproduced here.'
in_subset:
- annex_a_controls
from_schema: https://w3id.org/lmodel/iso27001
is_a: NamedEntity
slots:
- event_datetime
- reporter
- event_description
- affected_assets
- initial_assessment
- categorized_as_incident
- linked_incident

Induced

name: InformationSecurityEvent
annotations:
  annex_a_control:
    tag: annex_a_control
    value: '5.25'
description: An information security event per A.5.25, which may or may not be categorized
  as an incident.
comments:
- 'Reference: ISO/IEC 27001:2022 Annex A control 5.25; ISO/IEC 27002:2022 Clause 5.25.
  ISO/IEC standards text is copyright ISO - not reproduced here.'
in_subset:
- annex_a_controls
from_schema: https://w3id.org/lmodel/iso27001
is_a: NamedEntity
attributes:
  event_datetime:
    name: event_datetime
    description: Date and time of the event.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: event_datetime
    owner: InformationSecurityEvent
    domain_of:
    - InformationSecurityEvent
    range: datetime
  reporter:
    name: reporter
    description: Person who reported the event.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: reporter
    owner: InformationSecurityEvent
    domain_of:
    - InformationSecurityEvent
    range: string
  event_description:
    name: event_description
    description: Description of the event.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: event_description
    owner: InformationSecurityEvent
    domain_of:
    - InformationSecurityEvent
    range: string
  affected_assets:
    name: affected_assets
    description: Assets affected by this risk or incident.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: affected_assets
    owner: InformationSecurityEvent
    domain_of:
    - Risk
    - InformationSecurityEvent
    - InformationSecurityIncident
    range: Asset
    multivalued: true
  initial_assessment:
    name: initial_assessment
    description: Initial assessment of the event.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: initial_assessment
    owner: InformationSecurityEvent
    domain_of:
    - InformationSecurityEvent
    range: string
  categorized_as_incident:
    name: categorized_as_incident
    description: Whether the event was categorized as an incident.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: categorized_as_incident
    owner: InformationSecurityEvent
    domain_of:
    - InformationSecurityEvent
    range: boolean
  linked_incident:
    name: linked_incident
    description: Linked incident if categorized.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: linked_incident
    owner: InformationSecurityEvent
    domain_of:
    - InformationSecurityEvent
    range: InformationSecurityIncident
  id:
    name: id
    description: Unique identifier for this entity instance.
    comments:
    - Should use consistent URI/CURIE format across the dataset
    examples:
    - value: iso27001:risk-001
    - value: iso27001:control-5.1
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    identifier: true
    alias: id
    owner: InformationSecurityEvent
    domain_of:
    - NamedEntity
    range: uriorcurie
    required: true
  name:
    name: name
    description: Human-readable name or title.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: name
    owner: InformationSecurityEvent
    domain_of:
    - NamedEntity
    range: string
    required: true
  description:
    name: description
    description: Detailed description of the entity.
    comments:
    - Should provide sufficient detail for understanding without external reference
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: description
    owner: InformationSecurityEvent
    domain_of:
    - NamedEntity
    range: string
  created_date:
    name: created_date
    description: Date when the entity was created.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: created_date
    owner: InformationSecurityEvent
    domain_of:
    - NamedEntity
    range: date
  modified_date:
    name: modified_date
    description: Date when the entity was last modified.
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: modified_date
    owner: InformationSecurityEvent
    domain_of:
    - NamedEntity
    range: date
  version:
    name: version
    description: Version identifier for the entity.
    comments:
    - Supports document control requirements per 7.5.3 e)
    examples:
    - value: '1.0'
    - value: 2.3.1
    from_schema: https://w3id.org/lmodel/iso27001
    rank: 1000
    alias: version
    owner: InformationSecurityEvent
    domain_of:
    - NamedEntity
    range: string