Comprehensive and Detailed Explanation From Exact Extract:
According to ISO/IEC 27035-1:2016 and ISO/IEC 27035-2:2016, incident categorization is a vital step in the incident management lifecycle. Its primary purpose is to sort and group incidents based on specific criteria so that appropriate actions and escalation paths can be taken.
One of the core objectives of categorization is to sort incidents by the domain or system affected — whether it’s a database, email system, network, or physical server. This enables organizations to assign incidents to relevant subject matter experts and apply the right procedures, based on the affected business function or IT component.
While categorization can influence prioritization (option A), the main intent is classification based on nature and domain. Automatic technician assignment (option B) may be supported by some service management platforms but is not the foundational purpose of incident categorization under ISO 27035.
Reference Extracts:
ISO/IEC 27035-1:2016, Clause 6.1.2 – “Categorization should identify the domain or component affected to enable appropriate response and escalation.”
ISO/IEC 27035-2:2016, Clause 7.3 – “Incidents should be categorized based on the type of disruption they cause and the business or technical domain they impact.”
Therefore, the correct answer is C: To sort incidents based on the disrupted IT or business domain.
—
Submit