Creativeapril - Fotolia
As security threats continue to evolve, it's vital for organizations to have an incident management plan in place. With proper incident management planning, potential threats and resources can be identified. Like other hierarchical structures organizing staffing and resources, incident management has multiple elements. Incident response, while sometimes used synonymously with incident management, is just one facet of it.
Think of incident management and incident response as analogous to parent and child, respectively. From a hierarchical perspective, incident management planning sits above incident response planning. Incident management includes preparing leadership, coordinating with other organizations, securing funding and access to emergency resources, coordinating training and scheduling training activities, such as tabletop exercises. Identification and training of incident response team members are also aspects of incident management planning, as well as documentation of policies and procedures and other administrative activities.
By contrast, an incident response plan documents the steps to take when an event occurs. This can include assessing the nature of the event, damage caused by the event and the security of employees who may be affected by the incident. Incident response also includes notifying necessary personnel of the incident and status of the organization. These personnel can include first responders -- e.g., police, fire and emergency management teams -- senior management and employees. Coordinating the safe relocation of employees from the event may be necessary, as well as communicating with appropriate parties and reporting on the incident -- e.g., what happened, what was done and, once the worst is over, what lessons were learned from the event and response.
This diagram is similar to the structure of the Incident Command System (ICS), which provides a structured framework for dealing with disasters of virtually any kind. ICS has an overall leader, incident commander and four sections for staffing: operations, logistics, planning and finance/administration. Operations and logistics deal with the incident on the ground, and planning and finance/administration provide support. ICS defines specific roles and responsibilities for all team members. The system is scalable from a small event to a large-scale incident.
Our model for incident management planning doesn't go into as much detail as ICS on the surface but, nonetheless, describes a strong framework for managing, planning for and responding to an incident.