Incident Response Plan

Definition - What does Incident Response Plan mean?

An incident response plan is a systematic and documented method of approaching and managing situations resulting from IT security incidents or breaches. It is used in enterprise IT environments and facilities to identify, respond, limit and counteract security incidents as they occur.

Techopedia explains Incident Response Plan

An incident response plan ensures that an incident or breach is resolved or counteracted within the minimum possible time and with the least effect on an organization or its IT systems/environments. Typically, an incident response plan is a formal step-by-step process that is clearly defined within or as part of an organization's disaster recovery or business continuity plan (BCP).

According to the SANS Institute, an incident response plan has six components, as follows:

Staff and organizational preparation
Incident identification
Breach containment
Problem eradication
Data recovery and services
Formation of lessons learned, which are used for future audit requirements

Tech moves fast! Stay ahead of the curve with Techopedia!

Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.

Related Articles

5 Warning Signs of a Critical Equipment Failure

Cloud Backup and Disaster Recovery for Small and Medium-Sized Businesses

Disaster Recovery: The 5 Things That Often Go Wrong

The Basics of IT Planning

How Is Technology Helping Combat Climate Change?

How to Find and Remove Camera Malware

Featured Q&A

More of your questions answered by our Experts

Resources

FREE WEBINAR - March 12, 2019 11:00am EST | Managing Multiple Database Roles: How Many Hats Do You Wear? REGISTER TODAY

FREE WEBINAR - March 12, 2019 11:00am EST | Managing Multiple Database Roles: How Many Hats Do You Wear? REGISTER TODAY:

FREE WEBINAR | How to Continuously Monitor and Analyze MySQL and MariaDB with IDERA's SQL Diagnostic Manager

FREE WEBINAR | How to Continuously Monitor and Analyze MySQL and MariaDB with IDERA's SQL Diagnostic Manager:

Techopedia Resources | Browse Industry Leading Software Used by Techopedia Staff and Users Daily.

Techopedia Resources | Browse Industry Leading Software Used by Techopedia Staff and Users Daily.:

New Whitepaper: Best Ways to Extend Endpoint Management and Security to Mobile Devices

New Whitepaper: Best Ways to Extend Endpoint Management and Security to Mobile Devices:

Complimentary Webinar - Getting Control of Your BYOD Program with UEM

Complimentary Webinar - Getting Control of Your BYOD Program with UEM:

Systems Monitoring for Dummies

Systems Monitoring for Dummies:

What's really going on in that Cisco ASA of yours?

What's really going on in that Cisco ASA of yours?:

E-Book: Compliance is Not Enough: Planning a Complete Security Strategy

E-Book: Compliance is Not Enough: Planning a Complete Security Strategy:

Latest Articles

How Is Technology Helping Combat Climate Change?

How to Find and Remove Camera Malware

INFOGRAPHIC: Artificial Intelligence vs Machine Learning vs Deep Learning

5 Common Questions About Website Accessibility

9 Reasons to Go for a Data Science Course