Developing the incident response plan
The basis and plan must be developed as they are the main resource for the process. The plan will encompass support for incident response and will have been developed formally, specifying the high level details of how to initiate incident response, provide contacts, and if third parties are to be involved, the process to involve them. The plan will also include the team roles and responsibilities along with communication protocols and the response times outlined for the levels of severity. Another item that may be important to have in the plan and process is escalation levels. These can be assigned to various severity incidents to ensure that only the contacts that need to be engaged are engaged and at the right time in the response process. Each team involved in incident response should know what the plan is and what is expected of each member.
A process can be written to illustrate the flow of an incident and should be provided as documentation to the...
