Incident Management Template

Incident Management Template

Download your free copy now

Adopting a full set of information security policies is a critical step in ensuring that every department and employee understands their role in helping protect company, customer, and employee data. 

Please use these policy templates as a way to get your organization on the right track when it comes to full policy creation and adoption.

Incidents happen across all organizations—no matter how secure they are. And because incidents are cannot be 100% avoidable, organizations must understand what to do in the event of an incident to curb its impact. Get everyone on the same page with an incident response policy.

Free Resource

Download our free Incident Management Template now.

DOWNLOAD TEMPLATE

Purpose

The purpose of the Incident Management Policy is to describe the requirements for dealing with security incidents.

Audience

The Incident Management Policy applies to individuals that use any [Company] Information Resource.

Table of Contents

Policy

Incident Reporting

  • Personnel are required to promptly report possible or known information security and confidentiality violations to FRSecure IT, including the following:

  • Infrastructure incident: any event considered to be a malicious action that causes a failure, interruption, or loss of availability to any Information Resource.

  • Data incident: any loss, theft, or compromise of information.

  • Unauthorized access incident: any unauthorized access to an Information Resource.

  • Potential incidents and threats reported from event logging, vulnerability management, and other monitoring activities will be reported to [Company] Security Team.

  • All reported incidents will be assessed by the Security Team to determine the threat type and activate the appropriate response procedures.

Response Team

  • Management will establish and provide overall direction to an [Company] Incident Response Team (IRT).

  • IRT members will create and implement an Incident Management Plan

  • IRT members have pre-defined roles and responsibilities which can take priority over normal duties. Any additional staff members may be called upon to assist in resolving an incident. 

  • The IRT will respond to any new threat to information systems or data following the Incident Management Plan.

  • The IRT will report the incident to:

  • Executive Management  

  • Any affected customers and or/partners

  • Local, state, or federal law officials as required by applicable statutes and/or regulations.

  • The IRT will coordinate communications with any outside organizations.

  • The Incident Management Plan will be tested by the IRT no less than annually.

Definitions

See Appendix A: Definitions

References

  • ISO 27002: 5, 6  

  • NIST CSF: ID.IM, DE.AE, RS.MA, RS.CO, RS.AN, RS.MI, RC.CO

Waivers

Waivers from certain policy provisions may be sought following the (Company) Waiver Process.

Enforcement

Personnel found to have violated this policy may be subject to disciplinary action, up to and including termination of employment, and related civil or criminal penalties.  

Any vendor, consultant, or contractor found to have violated this policy may be subject to sanctions up to and including removal of access rights, termination of contract(s), and related civil or criminal penalties.

Cheat Sheets

Checklists

Incident Response Playbooks

Policy Templates

Program Guides

Workbooks

Incident Response Policy Template

Download your free copy today.

DOWNLOAD