top of page

SecAware materials

SecAware logo

8¼-page information security policy template on incident management.


Information security incidents must be reported, managed and resolved professionally and efficiently.  Important lessons must be drawn out and learnt from incidents and exercises, prompting improvements to reduce the possibility and/or impacts of similar incidents occurring again. 


This important policy lays out key aspects of incident management and the corresponding responsibilities.  It is unusually detailed and lengthy for a policy because there is so much to consider, plan and prepare before serious incidents occur, as well as lots to do in the course of investigating, resolving and learning from them.  Skip the prep at your peril!


We also offer a separate template policy on incident reporting with a distinct audience i.e. all workers, not just incident managers and execs.  


Supplied as an MS Word document, readily customised for your organisation's specific situation and incident management arrangements.

Incident management policy

  • Information security policy template on incident management


    See also the policies on:

bottom of page