An IT incident can be confined to the IT components of your business, such as a Denial of Service DoS attack that targets your business. An IT incident can also be part of a wider business crisis, such as widespread damage to networks due to natural disasters.
Your IT risk management plan and business continuity plan should include:
IT incident response plans identify principal IT risks and the steps you need to take to mitigate effects or damage. They may include details of key staff who need to be notified, priority actions, communication plans, contact lists and an event log to record actions taken.
IT incidents may be the result of a wider crisis, such as an explosion, bushfire or flood. In any emergency situation the safety of staff and members of the public are your first priority. An IT incident response plan should integrate with and support emergency response plans.
A recovery plan will help you respond effectively if an IT incident or crisis affects your business. A recovery plan can shorten recovery times and minimise losses, and should include:
Read more about developing an incident recovery plan.