Security Incident Response
The goal of the Security Incident Response Policy Guide is to help your organization respond to potential computer security incidents.
- Identifies the incident response (IR) stakeholders and establishes their roles and responsibilities.
- Describes incident triggering sources, incident types, and incident severity levels.
- Includes requirements for regular testing, post-incident lessons-learned activities, and collection of IR metrics for use in gauging IR effectiveness.
The goals of IR, as outlined in this guide, are to:
- Confirm whether an incident occurred
- Provide a defined incident notification process
- Promote the accumulation and documentation of accurate information
- Establish controls for proper retrieval and handling of evidence
- Contain the incident and stop any unwanted activity quickly and efficiently
- Minimize the disruption to network operations
- Provide accurate reports and valuable recommendations to management
- Prevent and mitigate future incidents from occurring
Get started with your Security Incident Response Policy Guide
Resources Policy Guide – Coming Soon.
For questions, please call 336.804.8449.