1. PURPOSE AND GOALS
  1. 1. The purpose of this cyber incident response plan (“IRP”) is to provide a structured and systematic incident response process for all Incidents (defined below), that affect any of the [insert legal name] (“Organisation”) information technology (“IT”) systems, networks, or data including the Organisation’s data held or IT services provided by third-party vendors or service providers.
  1. 2. Specifically, the Organisation’s goal for this IRP include to:
    • Define the Organisation’s cyber incident response process and provide step-by-step guidelines for establishing a timely, consistent, and repeatable Incident response process.
    • Assist the Organisation and any applicable third parties in quickly and efficiently responding to and recovering from different levels of Incidents.
    • Mitigate or minimise the effects of any Incident on the Organisation, its customers, clients, personnel, or others.
    • Help the Organisation consistently document the actions it takes in response to Incidents.
    • Reduce overall risk exposure for the Organisation.
    • Engage stakeholders and drive appropriate participation in resolving Incidents while fostering continuous improvement in the Organisation’s information security program and Incident response process.