Formalize the security incident management program by defining a central, high-level guide to describe goals, roles, and responsibilities, as well as the process that will underlie all incident classification and response.
Define your security incident management program in the following sections:
- Purpose and mission
- Definitions
- Organizational approach to incident response
- Roles and responsibilities
- Process
- Identification and classification confirmation
- Incident severity classification