Security Incident Management Report

1608 Words7 Pages
Security incident and management policy
Blyth’s Books

Blyth’s Books
Security incident and management policy

Subject: Security incident and management policy
Report Prepared by: (Insert Name):
Approved: (Signature Line) Submission Date: (Insert Date)

A security incident refers to a warning foreseeing a vulnerability, possible threat or reporting a compromised flaw against an organization’s data resource, computer systems or access violations. An incident may be an error, a fault, a problem or non-functionality of a system module. A set of guidelines, rules and procedures enshrined in the security policy govern employees, vendors and business consultant’s actions in relation to the security of corporate
…show more content…
The standard divides the information security and incident response into five phases. The first phase, plan and prepare, emphasis on the need for an organization to draft an information security incident management policy, create a competent Incident response team comprising of representatives from all departments. Xxxxx The second phase, detection and reporting emphasizes on the need for any employees, vendors, consultants etc. who discovers a defect, incident, security flow, vulnerability or an event that can compromise the system, data quality and integrity to report the incident promptly within the given procedures and framework. Xxxxxx The third, assessment and decisions, refers to a process where the response team and experts assess the incident, assess its scope, mitigation ,corrective as well as preventive measures for similar future incidents. They share their findings in a report to the incident response technical team which is responsible for effecting the ideal decision in thwarting the threat posed by the incident.…show more content…
The response team acknowledges receipt on an incident ticket to the assignment team before coordinating all the stakeholders. The immediate receipt response may be an automated reply to inform the source that due process has been initiated. It’s imperative that the source is notified at all levels of the incident management so that all the incident scope is identified and the best solution implemented. The CSIRT is mandated to provide reactive services in responding to security incidents, proactive measures to prevent future occurrences of the same incidents as well as coordinating with other departments in improving security of computer systems. (Technopedia,

More about Security Incident Management Report

Open Document