Incident Management

The incident management responsibilities of CISOs include:

  • Receive information about security incidents
  • Coordinate response to security incidents
  • Prepare evidence for legal action following an incident
  • Analyze incidents in order to prevent their recurrence
  • The ability to prepare for and respond to events that present a negative effect on our network
  • The goal is to limit (as much as possible) disruptions to the network and other business processes
  • Planning must be done well in advance
    • Incident Response Team selected and trained
    • Formal Policies and Procedures written and posted
    • Necessary Tools provided
    • Support from Senior Management

Source :