BIZOPS-7 Security Incident Management Plan

What is this control about?

An incident management policy is the first part in building an incident program. TrustCloud gets you started with an out-of-the-box policy, however, it is important to make this policy your own by customizing it. As an organization, you must define what an incident is and the type of incidents that could happen in your environment. There is no right or wrong here as each organization is unique.

Available tools in the marketplace

Available templates

TrustCloud has a curated list of templates internally or externally sourced to help you get started. Click on the link for a downloadable version:

• Incident Best Practice recommendation from NIST (National Institute of Standards and Technology)
• Incident Response Plan Template

Control implementation

Note: This control is 100% automated by TrustCloud. Upload your policy or leverage TrustCloud built-in policy to enjoy the benefit of automation

For a manual implementation: 

Document an Incident Management Policy and procedures that include:

• Incident definition
• Incident identification
• Incident response team
• Incident analysis
• Incident containment/remediation
• Incident reporting
• Lessons learned

What evidence do auditors look for?

Most auditors, at a minimum are looking for the below suggested action:

• Provide your incident management procedures

Evidence example

From the suggested action above, an example is provided below.

1. Provide your incident management procedures

Use the TrustCloud Incident Management Plan template.

No screenshot deemed necessary, as template provided serves as artifact example.