Incident Response Lifecycle Preparation

Define the preparation work that has to be completed prior to having any capability to respond to incidents

  • Coordinate planning and design
    • Identify incident management requirements
    • Obtain funding and sponsorship
    • Develop implementation Plan
  • Coordinate implementation
    • Develop policies, processes and plans
    • Establish incident handling criteria
    • Define critically
    • Evaluate incident management capability
    • Define post-mortem review
    • Define process change procedure

Source :
https://www.cybrary.it/notes/edronegroup/ciso/module-7-incident-management
https://advisera.com/27001academy/knowledgebase/what-is-the-job-of-chief-information-security-officer-ciso-in-iso-27001