SecAware materials

SecAware logo 150 animated ezgif.gif

~6-page information security policy template on incident management.


Information security incidents must be reported, managed and resolved in a professional and efficient manner.  Important lessons must be drawn out and learnt, prompting improvements to reduce the possibility and/or impacts of similar incidents occurring again.  This policy lays out key aspects of incident management and the corresponding responsibilities.


Note: the specific $ value in the policy determines whether an incident qualifies as 'significant' and therefore should be treated differently from lesser incidents: management should determine and specify the appropriate threshold, or find another way to ensure greater attention is paid to more sigificant incidents.


Delivered as an editable MS Word document, easily customized for your organization's specific needs.

Incident management policy