Information Security Incident Response Planning

Ask around: most people, and all information security professionals, will tell you that how an organization responds to an information security incident is as important as, if not more important than, the fact that an incident occurred. With regulations governing incident response at all-time highs, it is now more critical than ever to have an effective, repeatable and reliable incident response plan in place.

 

A critical staple of any "PRISM" library is the Information Security Incident Response Plan (ISIRP). The purpose of an ISIRP is to convey the roles, responsibilities and procedures that will be followed for the lifecycle management of all information security alerts, events and incidents that affect and impact your organization.


We will deliver an ISIRP, complete with processes and forms, to help ensure your organization is ready to face tough challenges and opportunities for improvement that result from an information security alert, event or incident taking place. At a minimum, your ISIRP will include:

  • An overview of the ISIRP
  • Declaration and notification matrices
  • Response processes for:
    • Identification phase
    • Assigning alert, event and incident handlers
    • Notification phase
    • Triage phase
    • Verification phase
    • Containment phase
    • Eradication phase
    • Recovery phase
    • Capturing lessons learned
    • Auditing
  • Vendor, authority and incident response team contact information
  • Public relations and media management controls

Responding to information security alerts, events and incidents is critically important to all organizations. As PRISM Professionals, we place a great deal of emphasis on "repeatable and reliable" processes to help ensure your organization is educated, equipped and ready to apply the appropriate response procedures for the scenario at hand.

 

In addition to developing, implementing and training key stakeholders on the ISIRP, we are also available to manage all information security alerts, events and incidents for your organization. This includes being the single point of contact for media and public relations.

 
