As security threats continue to evolve, it's vital for organizations to have an incident management plan in place....
With proper incident management planning, potential threats and resources can be identified. Like other hierarchical structures organizing staffing and resources, incident management has multiple elements. Incident response, while sometimes used synonymously with incident management, is just one facet of it.
Think of incident management and incident response as analogous to parent and child, respectively. From a hierarchical perspective, incident management planning sits above incident response planning. Incident management includes preparing leadership, coordinating with other organizations, securing funding and access to emergency resources, coordinating training and scheduling training activities, such as tabletop exercises. Identification and training of incident response team members are also aspects of incident management planning, as well as documentation of policies and procedures and other administrative activities.
By contrast, an incident response plan documents the steps to take when an event occurs. This can include assessing the nature of the event, damage caused by the event and the security of employees who may be affected by the incident. Incident response also includes notifying necessary personnel of the incident and status of the organization. These personnel can include first responders -- e.g., police, fire and emergency management teams -- senior management and employees. Coordinating the safe relocation of employees from the event may be necessary, as well as communicating with appropriate parties and reporting on the incident -- e.g., what happened, what was done and, once the worst is over, what lessons were learned from the event and response.
This diagram is similar to the structure of the Incident Command System (ICS), which provides a structured framework for dealing with disasters of virtually any kind. ICS has an overall leader, incident commander and four sections for staffing: operations, logistics, planning and finance/administration. Operations and logistics deal with the incident on the ground, and planning and finance/administration provide support. ICS defines specific roles and responsibilities for all team members. The system is scalable from a small event to a large-scale incident.
Our model for incident management planning doesn't go into as much detail as ICS on the surface but, nonetheless, describes a strong framework for managing, planning for and responding to an incident.
Dig Deeper on Disaster recovery planning - management
Related Q&A from Paul Kirvan
Do you have challenges with your data backup process, such as a lack of the right security? The three directives here will help with your overall ... Continue Reading
Business continuity and disaster recovery compliance is a valuable asset and may require a deeper understanding of modern standards and changes your ... Continue Reading
With ISO/TS 22330, the International Organization for Standardization covers the issues related to the people involved in BC/DR incident response. Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.