Incident Response

This checklist provides guidelines to manage security incidents that threaten the confidentiality, integrity or availability of information assets.

Category	Sub-Category	Name	Activity
Incident Response	Incident Response	Incident Respons Plan	[The organization] defines the types of incidents that need to be managed, tracked and reported, including: • procedures for the identification and management of incidents • procedures for the resolution of confirmed incidents • key incident response systems • incident coordination and communication strategy • contact method for internal parties to report incidents • support team contact information • notification to relevant management in the event of a security breach • provisions for updating and communicating the plan • provisions for training of support team • preservation of incident information • management review and approval, [in accordance with frequency], or when major changes to the organization occur
Incident Response	Incident Response	Incident ResponseTesting	[The organization] tests incident response processes [in accordance with the organization-defined frequency]. Results from the tests are documented.
Incident Response	Incident Response	Incident Response	Confirmed incidents are assigned a priority level and managed to resolution. If applicable, [the organization] coordinates the incident response with business contingency activities.
Incident Response	Incident Communication	External Communication of Incidents	[The organization] defines external communication requirements for incidents, including: • information about external party dependencies • criteria for notification to external parties as required by [the organization] policy in the event of a security breach • contact information for authorities (e.g., law enforcement, regulatory bodies, etc.) • provisions for updating and communicating external communication requirement changes
Incident Response	Incident Communication	Incident Reporting Contact Information	[The organization] provides a contact method for external parties to: • submit complaints and inquiries • report incidents
Incident Response	Incident Communication	Incident External Communication	[The organization] communicates a response to external stakeholders as required by the Incident Response Plan.

No results found