[WEBINAR] The New Normal: Dealing with the Reality of an Unsecure World

Incident Response Plan

Definition - What does Incident Response Plan mean?

An incident response plan is a systematic and documented method of approaching and managing situations resulting from IT security incidents or breaches. It is used in enterprise IT environments and facilities to identify, respond, limit and counteract security incidents as they occur.

Techopedia explains Incident Response Plan

An incident response plan ensures that an incident or breach is resolved or counteracted within the minimum possible time and with the least effect on an organization or its IT systems/environments. Typically, an incident response plan is a formal step-by-step process that is clearly defined within or as part of an organization's disaster recovery or business continuity plan (BCP).

According to the SANS Institute, an incident response plan has six components, as follows:

  • Staff and organizational preparation
  • Incident identification
  • Breach containment
  • Problem eradication
  • Data recovery and services
  • Formation of lessons learned, which are used for future audit requirements

Techopedia Deals

Connect with us

Techopedia on Linkedin
Techopedia on Linkedin
"Techopedia" on Twitter

Sign up for Techopedia's Free Newsletter!

Email Newsletter

Join thousands of others with our weekly newsletter

Free Whitepaper: The Path to Hybrid Cloud
Free Whitepaper: The Path to Hybrid Cloud:
The Path to Hybrid Cloud: Intelligent Bursting To Amazon Web Services & Microsoft Azure
Free E-Book: Public Cloud Guide
Free E-Book: Public Cloud Guide:
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap.
Free Tool: Virtual Health Monitor
Free Tool: Virtual Health Monitor:
Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer environments.
Free 30 Day Trial – Turbonomic
Free 30 Day Trial – Turbonomic:
Turbonomic delivers an autonomic platform where virtual and cloud environments self-manage in real-time to assure application performance.