• Stakeholder identification
and communication
• Incident declaration and
escalation
• Incident response reporting
- Executive summary
- Who, what, when, where,
and why - Recommendations
- Timeline
- Impact
- Scope
- Evidence
• Communications - Legal
- Public relations
o Customer communication
o Media - Regulatory reporting
- Law enforcement
• Root cause analysis
• Lessons learned
• Metrics and KPIs - Mean time to detect
- Mean time to respond
- Mean time to remediate
- Alert volume