An incident response plan is created to document (in detail) the steps needed to be taken by the internal IT team / business to address any type of security incident/outage/breach that could occur which could negatively impact the company or the internal systems environment. The creation of an incident response plan takes more effort than some consider as it requires step-by-step details of how to address every type of incident. Creation of the incident response plan is only the first step. In order to keep the incident response plan current and effective, it must be tested on an annual basis. While there are many different types of incident response plan testing, the best type is to hold a mock incident/disaster with the response team without warning. With that type of test, you will get the best understanding of how prepared the internal incident response team is if an incident occurs.
Our 1 Cyber Valley consultants have years of experience working with clients to generate, update, and test incident response plans depending on client need. For clients without a plan, the 1 Cyber Valley consultant will come onsite and hold interviews with IT personnel to fully understand all the processes involved in incident management. Once this is completed, the 1 Cyber Valley consultant will work with your management to make any necessary changes and start to create a test plan. For the testing phase, the 1 Cyber Valley consultant can act as the test mediator which can include the initial announcement of the test incident that occurs, then helping to document the incident results ending in the post test lessons learned discussion.
The creation and maintenance of a fully detailed incident response plan would help you to document all steps needed to address, mitigate and contain an actual incident should one occur. By fully testing your plan annually, you will ensure that your plan stays current and effective. By keeping your team involved in the incident response plan building and testing, you ensure that they are all aware of how the plan works and stay in tune with the individual roles needed to carry out the plan.