An excellent template for an Incident Response Policy can be found in RFC 2350 here. While this is a template for a computer security incident response team (CSIRT), it has a lot of the same structure you would need for an Incident Response Policy.
It even has a filled out example of the template. Here’s an excerpt:
5.1.2 Incident Coordination
- Determining the initial cause of the incident (vulnerability exploited).
- Facilitating contact with other sites which may be involved.
- Facilitating contact with XYZ University Security and/or appropriate law enforcement officials, if necessary.
- Making reports to other CSIRTs.
- Composing announcements to users, if applicable.
5.1.3 Incident Resolution
- Removing the vulnerability.
- Securing the system from the effects of the incident.
- Evaluating whether certain actions are likely to reap results in proportion to their cost and risk, in particular those actions aimed at an eventual prosecution or disciplinary action: collection of evidence after the fact, observation of an incident in progress, setting traps for intruders, etc.
- Collecting evidence where criminal prosecution, or University disciplinary action, is contemplated.
In addition, XYZ-CERT will collect statistics concerning incidents which occur within or involve the XYZ University community, and will notify the community as necessary to assist it in protecting against known attacks.
Check it out!
{ 3 comments… read them below or add one }
Assessing the cash flow is one more essential element within the company strategy format, so as to sustain a normal cash flow to meet the essential capital needs. Probability of monetary crisis and also the methods of crisis management must be pointed out in the structure. The business strategy should consist from the marketing plans and strategy leading towards the expansion in the organization.
http://mx518.info/mx518-gaming-optical-mouse/
Hi, I couldn’t find a contact form and it’s really important that I reach you so I hope you don’t mind me posting here. WOW, what an interesting little blog you have here
! I also run one similar to Incident Response Policy Template, I guess great haha. I’ve been following your site for a while now and I’ve got some bad news – you’re wasting your time if you’re only making a couple hundred bucks or even a few thousand a month. You can be doing SO much more. There are a lot of tips and tricks that will help you improve your google and yahoo ranking, just some stuff I’ve learned over the ages. It’s easy! It shouldn’t take you more than 5-10 minutes. Please reach me today at BigBloggerJake [at] gmail.com. I’ll check my spam folder and you should too, I know email filters are crazy these days. Looking forward to boucing ideas with you!