Incident Response Plan Development

Computer Security Incident Response is a critical component of an Information Technology Program. Cybersecurity attacks have become more numerous, diverse, and disruptive. Preventative activities based on a Risk Assessment and alignment with a cybersecurity framework can lower the number of incidents, but not all incidents can be prevented. The incident response capabilities of an organization are necessary to efficiently detect incidents, minimizing loss and disruption, mitigating discovered weaknesses, and restoring affected information technology services and systems.
Incident response is a complex undertaking that requires substantial planning and resources. This includes establishing clear policies and procedures for defining responsibilities and prioritizing the handling of incidents, implementing effective methods of collecting, analyzing, and reporting data, building relationships and establish suitable means of communication with other groups (internal and external), and continually monitoring for attacks.

  • Strategy and Guidance
  • Assessment Review
  • Policy and Plan Development
  • Technical Procedure Creation
  • Program Supporting Documents