Incident response policy Essay Example | Topics and Well Written Essays - 500 words

Incident response policy - Essay Example IRT Team Leader:Â  The IRT must have an individual in charge of its activities. The IRT Team Leader will generally be responsible for the activities of the IRT and will coordinate reviews of its actions. This might lead to changes in polices and procedures for dealing with future incidents. IRT Incident Lead: In the event of an incident, one individual responsible for coordinating the response is assigned. The IRT Incident Lead has ownership of the particular incident or set of related security incidents. IRT Incident Lead works as representative to the outside when an incident occurs IRT Associate Members:Â  Besides the core IRT team, you should have a number of specific individuals who handle and respond to particular incidents. Associate members will come from a variety of different departments in Gem Infosys. They should specialize in areas that are affected by security incidents but that are not dealt with directly by the core IRT. The following member can be appointed depending on the incident; Legal Representative: - Apart from accidental virus attack, intruders may also launch attacks. Legal representative comes in to action in such incidents. This member is a lawyer who is very familiar with established incident response policies. The Legal Representative determines how to proceed during an incident with minimal legal liability and maximum ability to prosecute offenders. To be able to recover effectively from an incident, it is needed to determine how seriously the systems have been compromised. This will determine how to further avoid and minimize the risk, how to recover, how quickly and to whom that should communicate the incident. Compare systems to previously conducted file/system integrity checks. This enables you to identify additions, deletions, modifications, and permission and control modifications to the file system and registry. 1. Protect