Develop and Implement a Security Incident Management Program

Create a scalable incident response program without breaking the bank.

The Situation

Security incidents are inevitable, but how they’re dealt with can make or break an organization. Poor incident response negatively affects business practices, including workflow, revenue generation, and public image.

The incident response of most organizations is ad hoc at best. A formal management plan is rarely developed or adhered to, resulting in ineffective firefighting responses and inefficient allocation of resources.

Develop and Implement a Security Incident Management Program visualization

Effective and efficient management of incidents involves a formal process of preparation, detection, analysis, containment, eradication, recovery, and post-incident activities.
This blueprint will walk through the steps of developing a scalable and systematic incident response program relevant to your organization.

Blueprint Contents

Develop and Implement a Security Incident Management Program – Phases 1-3
Security Incident Management Maturity Checklist ‒ Preliminary
Security Incident Management RACI Tool
Security Incident Management Policy Template
Security Incident Management Plan
Security Incident Runbook Prioritization Tool
Security Incident Management Runbook: Credential Compromise
Security Incident Management Workflow: Credential Compromise (Visio)
Security Incident Management Workflow: Credential Compromise (PDF)
Security Incident Management Runbook: Data Breach
Security Incident Management Workflow: Data Breach (Visio)
Security Incident Management Workflow: Data Breach (PDF)
Security Incident Management Runbook: Distributed Denial of Service
Security Incident Management Workflow: Distributed Denial of Service (Visio)
Security Incident Management Workflow: Distributed Denial of Service (PDF)
Security Incident Management Runbook: Malicious Email
Security Incident Management Workflow: Malicious Email (Visio)
Security Incident Management Workflow: Malicious Email (PDF)
Security Incident Management Runbook: Malware
Security Incident Management Workflow: Malware (Visio)
Security Incident Management Workflow: Malware (PDF)
Security Incident Management Runbook: Ransomware
Security Incident Management Workflow: Ransomware (Visio)
Security Incident Management Workflow: Ransomware (PDF)
Security Incident Management Runbook: Third-Party Incident
Security Incident Management Workflow: Third-Party Incident (Visio)
Security Incident Management Workflow: Third-Party Incident (PDF)
Security Incident Metrics Tool
Security Incident Report Template
Root-Cause Analysis Template
One-Page Emergency Incident Response Plan

Member Testimonials

After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve. See our top member experiences for this blueprint and what our clients have to say.

9.6/10

Overall Impact

$33,529

Average $ Saved

Average Days Saved

Member Testimonials
Client	Virginia Department of Health
Experience	Guided Implementation
Impact	10/10
$ Saved	$68,000
Days Saved	20
Testimonial	My experience has been great so far!! My experience has been great so far!!

Member Testimonials
Client	City of Lynnwood
Experience	Workshop
Impact	10/10
$ Saved	$34,000
Days Saved	20
Testimonial	I now have clarity on who needs to make decisions between IT leadership and organizational leadership. My staff now have a detailed workflow to wor... I now have clarity on who needs to make decisions between IT leadership and organizational leadership. My staff now have a detailed workflow to work with during a time of crisis.

Member Testimonials
Client	Thompson Child & Family Focus
Experience	Guided Implementation
Impact	9/10
$ Saved	$6,800
Days Saved	10
Testimonial

Member Testimonials
Client	New Brunswick Community College (NBCC)
Experience	Guided Implementation
Impact	10/10
$ Saved	$50,000
Days Saved	50
Testimonial	Info-Tech played a key role in shaping our incident response plans by providing valuable feedback and expert guidance throughout the process. Lever... Info-Tech played a key role in shaping our incident response plans by providing valuable feedback and expert guidance throughout the process. Leveraging their structured approach and best practices ensured our plans were comprehensive and aligned with industry standards. The use of Info-Tech’s templates significantly reduced development time, allowing us to focus on tailoring the content to meet our specific organizational needs. This adaptability not only streamlined the process but also enhanced the overall quality and effectiveness of our incident response strategy. Mike was an invaluable resource, offering insights and support that greatly contributed to the success of this initiative.

Member Testimonials
Client	Mustang Machinery Company, LLC
Experience	Guided Implementation
Impact	10/10
$ Saved	$54,400
Days Saved	10
Testimonial	Interaction with a knowledgeable resource to help guide and develop solution for our organization. Interaction with a knowledgeable resource to help guide and develop solution for our organization.

Member Testimonials
Client	The Corporation of the City of Timmins
Experience	Guided Implementation
Impact	9/10
$ Saved	$27,500
Days Saved	10
Testimonial	The best part is that all runbooks are ready to be used, and the advisor is knowledgeable. The downside is that some tools contain grammatical err... The best part is that all runbooks are ready to be used, and the advisor is knowledgeable. The downside is that some tools contain grammatical errors and a few runbooks are missing.

Member Testimonials
Client	St. Francis Xavier University
Experience	Guided Implementation
Impact	10/10
$ Saved	$37,500
Days Saved	16
Testimonial

Member Testimonials
Client	Tohono O’Odham Gaming Enterprise dba Desert Diamond Casinos
Experience	Workshop
Impact	6/10
$ Saved	$13,600
Days Saved	10
Testimonial	Emphasis was placed on hitting time slots for each day's completion rather than on the accuracy and relevance of the information. This despite ulti... Emphasis was placed on hitting time slots for each day's completion rather than on the accuracy and relevance of the information. This despite ultimately finishing half a day early on Thursday. The facilitator seemed less sure of his answers, would often either argue the default solution, or ask for an alternative rather than make suggestions. At other times he was seen using ChatCPT to provide answers or to consider points made by the TOGE team. This was noticed and commented on by the IT Director. Various TOGE documents that had background information on this workshop were provided (e.g. extant ISIRP) at the start of the workshop. There was little reference to those documents made by the facilitator during the workshop. He said he glanced at them but didn't do any deep dives. The tabletop element itself lasted only two hours and seemed to be more a regurgitation of the documents we had produced in the first three days rather than a roleplay interactive session. The documentation generated has been provided.

Member Testimonials
Client	Government of Bermuda
Experience	Workshop
Impact	9/10
$ Saved	$136K
Days Saved	32
Testimonial	Best -Team collaboration Worst - Rabbit hole Best -Team collaboration Worst - Rabbit hole

Member Testimonials
Client	Connexus Credit Union
Experience	Workshop
Impact	10/10
$ Saved	$34,000
Days Saved	26
Testimonial	Best part is having the whole suite of incident management references with 2 TTX's accomplished by end of workshop. Worst part is the minimal st... Best part is having the whole suite of incident management references with 2 TTX's accomplished by end of workshop. Worst part is the minimal stakeholder attendance.

Member Testimonials
Client	Meritrust Federal Credit Union
Experience	Workshop
Impact	10/10
$ Saved	$34,000
Days Saved	20
Testimonial	Horia was great to work with on this project. Horia was great to work with on this project.

Member Testimonials
Client	UMWA Health and Retirement Funds
Experience	Guided Implementation
Impact	10/10
$ Saved	$2,584
Days Saved	10
Testimonial	I really enjoyed the interactive nature of the assistance through the case. I really enjoyed the interactive nature of the assistance through the case.

Member Testimonials
Client	The President and Fellows of Harvard College, a Massachusetts nonprofit corporation, acting by and through Harvard Business School
Experience	Guided Implementation
Impact	10/10
$ Saved	N/A
Days Saved	20
Testimonial	Mike was awesome. He was able to help us think through how we could apply your blueprints to existing process, and was also a great sounding board... Mike was awesome. He was able to help us think through how we could apply your blueprints to existing process, and was also a great sounding board for helping think through some of the resistances we've been experiencing to changes in the style and approach of these documents.

Member Testimonials
Client	First Frame Networkers AG
Experience	Guided Implementation
Impact	9/10
$ Saved	$10,000
Days Saved	10
Testimonial

Member Testimonials
Client	The State of Nevada Governor's Technology Office
Experience	Guided Implementation
Impact	10/10
$ Saved	$13,600
Days Saved	10
Testimonial

Member Testimonials
Client	United Nations International Computing Centre
Experience	Guided Implementation
Impact	9/10
$ Saved	$21,760
Days Saved	14
Testimonial	Mike was able to immediately address our needs by providing straight to the point assistance. I would be happy to get help again in the future. Mike was able to immediately address our needs by providing straight to the point assistance. I would be happy to get help again in the future.

Member Testimonials
Client	The American Institute of Architects
Experience	Workshop
Impact	10/10
$ Saved	$34,000
Days Saved	10
Testimonial	A big thank you to Horia for the outstanding job facilitating the security incident workshop and tabletop exercise. Your expertise and guidance mad... A big thank you to Horia for the outstanding job facilitating the security incident workshop and tabletop exercise. Your expertise and guidance made the session informative and impactful, providing valuable insights for all participants, from frontline support to Infrastructure and DevOps teams. We look forward to future collaborations!

Member Testimonials
Client	The City of Daytona Beach
Experience	Guided Implementation
Impact	10/10
$ Saved	$68,000
Days Saved	23
Testimonial	Petars insight into security and governance has really made a difference in our posture and preparedness. We can purchase solutions all day but not... Petars insight into security and governance has really made a difference in our posture and preparedness. We can purchase solutions all day but not knowing what you don't know makes one's effort ineffective

Member Testimonials
Client	Bob Barker Company, Inc.
Experience	Guided Implementation
Impact	10/10
$ Saved	$34,000
Days Saved	10
Testimonial	Petar Hristov did a phenomenal job of walking us through the Develop and Implement a Security Incident Management Program. His advice was extremely... Petar Hristov did a phenomenal job of walking us through the Develop and Implement a Security Incident Management Program. His advice was extremely helpful. Having worked with many Info-Tech Analysts over the years, I have to say that Petar was one of the most effective that I've ever had the pleasure of collaborating with.

Member Testimonials
Client	Enable Ireland
Experience	Guided Implementation
Impact	10/10
$ Saved	$3,179
Days Saved	5
Testimonial	It was easy to engage with InfoTech. Also the security management blueprint from InfoTech was the closest to my requirements. It was easy to engage with InfoTech. Also the security management blueprint from InfoTech was the closest to my requirements.

Member Testimonials
Client	College of DuPage
Experience	Guided Implementation
Impact	9/10
$ Saved	$12,240
Days Saved	14
Testimonial	It's all laid out for you and ready to modify as needed. Our SME was very knowledgeable and patient with our team. It's all laid out for you and ready to modify as needed. Our SME was very knowledgeable and patient with our team.

Member Testimonials
Client	Government of the United States Virgin Islands
Experience	Workshop
Impact	9/10
$ Saved	N/A
Days Saved	35
Testimonial	The best parts of the experience was the customization of the workshop to meet our needs. This was accomplished through preparatory calls as well ... The best parts of the experience was the customization of the workshop to meet our needs. This was accomplished through preparatory calls as well as a thorough understanding of the unique environment. The worst part of the experience is the realization of the necessary follow-on efforts that will be needed to successfully adapt the deliverables. More knowledge requires more work.

Member Testimonials
Client	TANTUS Solutions Group Inc
Experience	Guided Implementation
Impact	8/10
$ Saved	$1,700
Days Saved	2
Testimonial

Member Testimonials
Client	Intercity Transit
Experience	Guided Implementation
Impact	10/10
$ Saved	$34,250
Days Saved	10
Testimonial	The personal connection with an analyst. The personal connection with an analyst.

Member Testimonials
Client	Guelph Police Services
Experience	Workshop
Impact	9/10
$ Saved	$50,000
Days Saved	14
Testimonial	The best part was coming together as a consortium and forcing ourselves, with Horia's assistance to dedicate the time to complete this incredibly i... The best part was coming together as a consortium and forcing ourselves, with Horia's assistance to dedicate the time to complete this incredibly important task. We are much further along than we were before. The worst part was even though we accomplished so much, the workshop really did indicate how much further we have to go.

Member Testimonials
Client	Pitt County
Experience	Guided Implementation
Impact	10/10
$ Saved	$32,195
Days Saved	10
Testimonial

Member Testimonials
Client	Uganda Revenue Authority
Experience	Guided Implementation
Impact	10/10
$ Saved	$13,700
Days Saved	105
Testimonial	Willingness to provide guidance and followup Willingness to provide guidance and followup

Member Testimonials
Client	Opal Packaging
Experience	Guided Implementation
Impact	10/10
$ Saved	N/A
Days Saved	20
Testimonial	Robert is very knowledgeable providing practical advice and guidance. The facilitation of the tabletop exercise was a beneficial exercise to complete. Robert is very knowledgeable providing practical advice and guidance. The facilitation of the tabletop exercise was a beneficial exercise to complete.

Member Testimonials
Client	Pitt County
Experience	Guided Implementation
Impact	10/10
$ Saved	$19,865
Days Saved	10
Testimonial

Member Testimonials
Client	Keeneland Association
Experience	Guided Implementation
Impact	10/10
$ Saved	$2,603
Days Saved	2
Testimonial	Frank presented the materials very professioinally and shared some content he'd done for a client to help us continue down the project path. Frank presented the materials very professioinally and shared some content he'd done for a client to help us continue down the project path.

Member Testimonials
Client	Experience	Impact	$ Saved	Days Saved	Testimonial
Virginia Department of Health	Guided Implementation	10/10	$68,000	20	My experience has been great so far!! My experience has been great so far!!
City of Lynnwood	Workshop	10/10	$34,000	20	I now have clarity on who needs to make decisions between IT leadership and organizational leadership. My staff now have a detailed workflow to wor... I now have clarity on who needs to make decisions between IT leadership and organizational leadership. My staff now have a detailed workflow to work with during a time of crisis.
Thompson Child & Family Focus	Guided Implementation	9/10	$6,800	10
New Brunswick Community College (NBCC)	Guided Implementation	10/10	$50,000	50	Info-Tech played a key role in shaping our incident response plans by providing valuable feedback and expert guidance throughout the process. Lever... Info-Tech played a key role in shaping our incident response plans by providing valuable feedback and expert guidance throughout the process. Leveraging their structured approach and best practices ensured our plans were comprehensive and aligned with industry standards. The use of Info-Tech’s templates significantly reduced development time, allowing us to focus on tailoring the content to meet our specific organizational needs. This adaptability not only streamlined the process but also enhanced the overall quality and effectiveness of our incident response strategy. Mike was an invaluable resource, offering insights and support that greatly contributed to the success of this initiative.
Mustang Machinery Company, LLC	Guided Implementation	10/10	$54,400	10	Interaction with a knowledgeable resource to help guide and develop solution for our organization. Interaction with a knowledgeable resource to help guide and develop solution for our organization.
The Corporation of the City of Timmins	Guided Implementation	9/10	$27,500	10	The best part is that all runbooks are ready to be used, and the advisor is knowledgeable. The downside is that some tools contain grammatical err... The best part is that all runbooks are ready to be used, and the advisor is knowledgeable. The downside is that some tools contain grammatical errors and a few runbooks are missing.
St. Francis Xavier University	Guided Implementation	10/10	$37,500	16
Tohono O’Odham Gaming Enterprise dba Desert Diamond Casinos	Workshop	6/10	$13,600	10	Emphasis was placed on hitting time slots for each day's completion rather than on the accuracy and relevance of the information. This despite ulti... Emphasis was placed on hitting time slots for each day's completion rather than on the accuracy and relevance of the information. This despite ultimately finishing half a day early on Thursday. The facilitator seemed less sure of his answers, would often either argue the default solution, or ask for an alternative rather than make suggestions. At other times he was seen using ChatCPT to provide answers or to consider points made by the TOGE team. This was noticed and commented on by the IT Director. Various TOGE documents that had background information on this workshop were provided (e.g. extant ISIRP) at the start of the workshop. There was little reference to those documents made by the facilitator during the workshop. He said he glanced at them but didn't do any deep dives. The tabletop element itself lasted only two hours and seemed to be more a regurgitation of the documents we had produced in the first three days rather than a roleplay interactive session. The documentation generated has been provided.
Government of Bermuda	Workshop	9/10	$136K	32	Best -Team collaboration Worst - Rabbit hole Best -Team collaboration Worst - Rabbit hole
Connexus Credit Union	Workshop	10/10	$34,000	26	Best part is having the whole suite of incident management references with 2 TTX's accomplished by end of workshop. Worst part is the minimal st... Best part is having the whole suite of incident management references with 2 TTX's accomplished by end of workshop. Worst part is the minimal stakeholder attendance.
Meritrust Federal Credit Union	Workshop	10/10	$34,000	20	Horia was great to work with on this project. Horia was great to work with on this project.
UMWA Health and Retirement Funds	Guided Implementation	10/10	$2,584	10	I really enjoyed the interactive nature of the assistance through the case. I really enjoyed the interactive nature of the assistance through the case.
The President and Fellows of Harvard College, a Massachusetts nonprofit corporation, acting by and through Harvard Business School	Guided Implementation	10/10	N/A	20	Mike was awesome. He was able to help us think through how we could apply your blueprints to existing process, and was also a great sounding board... Mike was awesome. He was able to help us think through how we could apply your blueprints to existing process, and was also a great sounding board for helping think through some of the resistances we've been experiencing to changes in the style and approach of these documents.
First Frame Networkers AG	Guided Implementation	9/10	$10,000	10
The State of Nevada Governor's Technology Office	Guided Implementation	10/10	$13,600	10
United Nations International Computing Centre	Guided Implementation	9/10	$21,760	14	Mike was able to immediately address our needs by providing straight to the point assistance. I would be happy to get help again in the future. Mike was able to immediately address our needs by providing straight to the point assistance. I would be happy to get help again in the future.
The American Institute of Architects	Workshop	10/10	$34,000	10	A big thank you to Horia for the outstanding job facilitating the security incident workshop and tabletop exercise. Your expertise and guidance mad... A big thank you to Horia for the outstanding job facilitating the security incident workshop and tabletop exercise. Your expertise and guidance made the session informative and impactful, providing valuable insights for all participants, from frontline support to Infrastructure and DevOps teams. We look forward to future collaborations!
The City of Daytona Beach	Guided Implementation	10/10	$68,000	23	Petars insight into security and governance has really made a difference in our posture and preparedness. We can purchase solutions all day but not... Petars insight into security and governance has really made a difference in our posture and preparedness. We can purchase solutions all day but not knowing what you don't know makes one's effort ineffective
Bob Barker Company, Inc.	Guided Implementation	10/10	$34,000	10	Petar Hristov did a phenomenal job of walking us through the Develop and Implement a Security Incident Management Program. His advice was extremely... Petar Hristov did a phenomenal job of walking us through the Develop and Implement a Security Incident Management Program. His advice was extremely helpful. Having worked with many Info-Tech Analysts over the years, I have to say that Petar was one of the most effective that I've ever had the pleasure of collaborating with.
Enable Ireland	Guided Implementation	10/10	$3,179	5	It was easy to engage with InfoTech. Also the security management blueprint from InfoTech was the closest to my requirements. It was easy to engage with InfoTech. Also the security management blueprint from InfoTech was the closest to my requirements.
College of DuPage	Guided Implementation	9/10	$12,240	14	It's all laid out for you and ready to modify as needed. Our SME was very knowledgeable and patient with our team. It's all laid out for you and ready to modify as needed. Our SME was very knowledgeable and patient with our team.
Government of the United States Virgin Islands	Workshop	9/10	N/A	35	The best parts of the experience was the customization of the workshop to meet our needs. This was accomplished through preparatory calls as well ... The best parts of the experience was the customization of the workshop to meet our needs. This was accomplished through preparatory calls as well as a thorough understanding of the unique environment. The worst part of the experience is the realization of the necessary follow-on efforts that will be needed to successfully adapt the deliverables. More knowledge requires more work.
TANTUS Solutions Group Inc	Guided Implementation	8/10	$1,700	2
Intercity Transit	Guided Implementation	10/10	$34,250	10	The personal connection with an analyst. The personal connection with an analyst.
Guelph Police Services	Workshop	9/10	$50,000	14	The best part was coming together as a consortium and forcing ourselves, with Horia's assistance to dedicate the time to complete this incredibly i... The best part was coming together as a consortium and forcing ourselves, with Horia's assistance to dedicate the time to complete this incredibly important task. We are much further along than we were before. The worst part was even though we accomplished so much, the workshop really did indicate how much further we have to go.
Pitt County	Guided Implementation	10/10	$32,195	10
Uganda Revenue Authority	Guided Implementation	10/10	$13,700	105	Willingness to provide guidance and followup Willingness to provide guidance and followup
Opal Packaging	Guided Implementation	10/10	N/A	20	Robert is very knowledgeable providing practical advice and guidance. The facilitation of the tabletop exercise was a beneficial exercise to complete. Robert is very knowledgeable providing practical advice and guidance. The facilitation of the tabletop exercise was a beneficial exercise to complete.
Pitt County	Guided Implementation	10/10	$19,865	10
Keeneland Association	Guided Implementation	10/10	$2,603	2	Frank presented the materials very professioinally and shared some content he'd done for a client to help us continue down the project path. Frank presented the materials very professioinally and shared some content he'd done for a client to help us continue down the project path.

ITRG Provides Proven Results for IT Leaders

30,000+

ITRG members spanning the Global 2000

$400M+

Cut from IT costs with our pricing intelligence and advisory support

+8%

Increase in stakeholder satisfaction where IT leaders used Info-Tech services

9.5/10

Member-related value across +50,000 analyst calls, workshops and projects

About Info-Tech Research Group

Info-Tech Research Group is the world’s fastest-growing information technology research and advisory company, proudly serving over 30,000 IT professionals.

We produce unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. We partner closely with IT teams to provide everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations.

Our Offices

Arlington, VA

1225 South Clark Street, Suite 1310

Arlington, VA, USA
22202

Las Vegas, NV

3960 Howard Hughes Parkway, Suite 500

Las Vegas, NV, USA
89169

London, ON

345 Ridout Street North

London, ON, Canada
N6A 2N8

London, UK

10 York Road, Suite 5W127

London, United Kingdom
SE1 7ND

Singapore

71 Robinson Road, #14-130

Singapore
068895

Sydney, NSW

320 Pitt Street, Level 6

Sydney, NSW, Australia
2000

Toronto, ON

888 Yonge Street

Toronto, ON, Canada
M4W 2J2