An incident response plan is an organized approach to addressing and managing the aftermath of a security breach or attack (also known as an incident).
An incident response plan defines, in specific terms, what constitutes an incident and provides a step-by-step process that should be followed when an incident occurs. The goal of an incident response plan is to handle the incident in a way that limits damage and reduces recovery time and costs.
An organization's incident response plan is typically put together by the computer incident response team, a carefully selected group that, in addition to security and general IT staff, may include representatives from legal, human resources and public relations departments. Incident response plans may also be called incident management plans or emergency management plans
Asked In: Many Interviews |