Define your security incident management program in the following sections:
- Purpose and mission
- Definitions
- Organizational approach to incident response
- Roles and responsibilities
- Process
- Identification and classification confirmation
- Incident severity classification
Formalize the security incident management program by defining a central, high-level guide to describe goals, roles, and responsibilities, as well as the process that will underlie all incident classification and response.