security-handbook

What is a Security Incident Management Plan?

The security incident management plan template can be used as a starting point - internal to Made Tech only.

A Security Incident Management Plan, also known as a SIMP, outlines a plan for managing security incidents for a given system. This should also encompass an incident response (IR) plan.

“Incident management collects together the coordinating functions which guide, inform and support the whole response process. It encompasses a number of aspects, including: Tracking, documenting, assigning and correlating all findings, tasks and communications. Note that keeping careful track of the whole response is very important in cases which may later be reviewed by regulators or courts. This includes real or potential data breaches and criminal activity. Arranging of regular update meetings or calls, and involvement of relevant teams Escalating serious incidents to senior management Ensuring the incident is communicated appropriately (to team, wider business, other stakeholders) Ensuring that the full incident lifecycle is covered from initial discovery through to close down.” NCSC