Sample of Content:
Incident Response Plan Template
The (Company) Incident Response Plan has been developed to provide direction and focus to the handling of information security incidents that adversely affect (Company) Information Resources. The (Company) Incident Management Plan applies to any person or entity charged by the (Company) Incident Response Commander with a response to information security-related incidents at the organization, and specifically those incidents that affect (Company) Information Resources.
The purpose of the Incident Management Plan is to allow (Company) to respond quickly and appropriately to information security incidents.
Any observable occurrence in a system, network, environment, process, workflow, or personnel. Events may or may not be negative in nature.
Adverse Events Definition
Events with a negative consequence. This plan only applies to adverse events that are computer security related, not those caused by natural disasters, power failures, etc.
A violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices that jeopardizes the confidentiality, integrity, or availability of information resources or operations. A security incident may have one or more of the following characteristics:
- Violation of an explicit or implied (Company) security policy
- Attempts to gain unauthorized access to a (Company) Information Resource
- Denial of service to a (Company) Information Resource
- Unauthorized use of (Company) Information Resources
- Unauthorized modification of (Company) information
- Loss of (Company) Confidential or Protected information