Templates
Quality Assurance
Information Security Incident Response
Information Security Incident Response
🖥️

Information Security Incident Response

Respond to an information security incident quickly and efficiently.
1
Introduction:
2
Initial response:
3
Input personnel details
4
Perform preliminary incident analysis
5
Alert response team of incident
6
Identify legal obligations
7
Determine who needs to be notified
8
Damage control:
9
Secure the premises around the affected area
10
Scan for compromised machines
11
Disconnect compromised systems from network
12
Backup all critical systems data
13
Preserve all system and application logs and states
14
Enact web server safeguard protocol
15
Monitor the system for signs of continued access
16
Check IP address reputation score
17
Incident investigation:
18
Determine whether incident has been resolved
19
Determine the impact of the incident
20
Provide suggestion for customer's best course of action
21
Communications:
22
Alert law enforcement of the incident
23
Enact federal data breach notification procedure
24
Inform upper management of the incident
25
Inform the customer of leaked sensitive information
26
Sources:
27
Related checklists: