An incident response plan is a roadmap or guide for implementing your incident response capability. Your incident response capability is your incident response team, incident response strategies, and any other resources your organization has to handle incidents. In the case of this article the incident response plan will be focused on cybersecurity incidents.
What Should an Incident Response Plan Contain?
Statement of management approval and commitment to the incident response plan
The purpose and objective of the incident response plan
The scope of the incident response plan
A definition that defines a cybersecurity incident
A list of roles (incident response team members, relevant management)
A list of cybersecurity incident severity ratings and their associated priorities
How your organization intends to use to measure the performance of your incident response capability
A road map for improving your incident response capability
Your incident response procedures
Incident response handling checklists for common cybersecurity incidents
Any reporting and contact forms your organization is required to use
Cybersecurity Maturity Model Certification (CMMC) and Incident Response Requirements
Companies with level 2 or higher CMMC requirements will need to have an incident response capability inplace. This includes being able to detect and respond to incidents, analyzing incidents, reporting incidents to relevant third parties (such as the DoD), testing incident response capabilities, and having plans in place to deal with common incidents. If you would like more information on your cybersecurity maturity model certification (CMMC) related requirements reach out to us at email@example.com.
Quick & Simple
Discover Our Cybersecurity Compliance Solutions:
Whether you need to meet and maintain your compliance requirements, help your clients meet them, or verify supplier compliance we have the expertise and solution for you
NIST SP 800-171 & CMMC Compliance
Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC requirements.