Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
Incident Response Plan
Last Updated: January 24, 2017
Definition - What does Incident Response Plan mean?
An incident response plan is a systematic and documented method of approaching and managing situations resulting from IT security incidents or breaches. It is used in enterprise IT environments and facilities to identify, respond, limit and counteract security incidents as they occur.
Techopedia explains Incident Response Plan
An incident response plan ensures that an incident or breach is resolved or counteracted within the minimum possible time and with the least effect on an organization or its IT systems/environments. Typically, an incident response plan is a formal step-by-step process that is clearly defined within or as part of an organization's disaster recovery or business continuity plan (BCP).
According to the SANS Institute, an incident response plan has six components, as follows:
- Staff and organizational preparation
- Incident identification
- Breach containment
- Problem eradication
- Data recovery and services
- Formation of lessons learned, which are used for future audit requirements
