Guidance Respond 13

Guidance Note:

Incident response is a formal programme that prepares an organisation for an incident. Incident response generally includes:

1. Preparation to establish roles, responsibilities and plans for how an incident will be handled
2. Detection and Analysis capabilities to identify incidents as early as possible and effectively assess the nature of the incident
3. Investigation capability if identifying an adversary is required
4. Mitigation and Recovery procedures to contain the incident, reduce losses and return operations to normal
5. Post-incident Analysis to determine corrective actions to prevent similar incidents in the future

------

Being fully prepared for how exactly to respond to a major incident that damages your organisation, including how important the different parts of your organisation are and how quickly each has to recover to full capacity is extremely important.