Incident Response Plan (IRP)

Incident Response Plan (IRP)

A plan that lays out an organized approach to addressing and managing the aftermath of a security breach or attack. It should define, in specific terms, what constitutes an incident and provides a systematic process that should be followed when an incident occurs. The process should include, but not limited to, steps for breach identification, containment and mitigation, escalation, response and remediation, documentation, notification, recovery, and follow-up. A comprehensive IRP will address multiple types of breach incidents such as those involving loss or theft of physical data, laptops, smart phones, portable USBs, etc., in addition to cybersecurity related events. The IRP would also address steps that may need taken if the breach incident happened to a vendor.


    • Related Articles

    • Escalation Plan

      A set of procedures that specifies the actions to be taken to respond to an incident, specifically who in the organization is to be contact and at what point.
    • Business Continuity Disaster Plan

      A formal blueprint to allow a company to continue operations if the business is affected by different levels of disaster. A comprehensive business continuity disaster plan is written to cover all aspects of the company’s policies and procedures in ...