Define your security incident management program in the following sections:

  • Purpose and mission
  • Definitions
  • Organizational approach to incident response
  • Roles and responsibilities
  • Process
  • Identification and classification confirmation
  • Incident severity classification

Formalize the security incident management program by defining a central, high-level guide to describe goals, roles, and responsibilities, as well as the process that will underlie all incident classification and response.

Related Content

Hide Details

Search Code: 74095
Published: February 3, 2014
Last Revised: September 9, 2015


  • 25a421451c906662e8e7b77f0f89c052 comment
    Mark Lester | 08-25-2015

    This is a confusing document. The content is good but the layout is illogical and disjointed. Using the sample diagram as a basis for discussion, the incident response process is described three different ways in the content of the document (if you include the diagram). The first, which does not follow the sample diagram and the second, which does to a great extent. Wouldn't it make more sense to combine all like information? Combine the best of "Identification" from the first and second parts together, same for "containment", "investigation", and so on. I think you'd have a better product if similar information was combined and addressed at the same time.
    For example:
    Diagram: Identification, Containment, Analysis, Escalation, Resolution, Closure, (Recording all along)
    Part 1: Identification, Containment, Eradication, Recovery, Follow-up, Retention
    Part 2: Identification, Containment, Investigation, Escalation, Resolution, Recording, Continuous Improvement, Close

    • 432c05244a845caaca3b276adb15a11e comment
      Info-Tech Research Group | 08-28-2015

      Thank you for the feedback. We’re glad you found the content helpful. As for the layout, we’ve relayed your feedback to the research team and have noted it for the next research refresh process. We are always working to continuously improve our products and love to hear feedback from users, such as yourself. If you have any other feedback or questions, please don’t hesitate to contact us.


Get Access

Get Instant Access
To unlock the full content, please fill out our simple form and receive instant access.
Visit our COVID-19 Resource Center and our Cost Management Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019