This article provides tips on what to include in your policy is excerpted from an article on incident management published by their sister publication Information Security magazine.
An effective incident management program must assign responsibilities and specify routine procedures in the event of an incident.
Next, getting down to brass tacks, your computer incident response team (CIRT) policy should specify first responders, responsibility for management of the response to a specific incident, and follow-up and reporting responsibilities.
That’s the mostly-technical first part of a more detailed and comprehensive IMP. Besides the MIS and network technical staff who are first responders, who should be part of the IMP?
At the very least: risk management, corporate legal, corporate security, public relations, human resources and labor relations, the office responsible for regulatory compliance, and all major business units with oversight and advisory responsibility. Further, while initial response in many cases will be technical, IT staff can’t make decisions in a vacuum.
California’s Database Security Breach Notification Act (SB 1386), which went into effect last July, requires companies to inform California customers of incidents involving the compromise of their names in combination with their Social Security, driver’s license or credit card numbers.
More info: [url=http://searchsecurity.techtarget.com/tip/1,289483,sid14_gci945247,00.html]http://searchsecurity.techtarget.com/tip/1,289483,sid14_gci945247,00.html[/url]