Incident management, incident investigation and response

Skill Definition

Incident management, incident investigation and response refers to the set of processes, procedures and systems used to reduce the harm caused to victims of cyber incidents and deter future attacks. The principles of the skill include: engaging with the organisation's overall incident management process to ensure that information security incidents are handled appropriately; defining and implementing processes and procedures, and configuring system policies, for responding to and investigating information security incidents; and establishing and maintaining a Computer Emergency Response Team (CERT) and systems to deal with information security incidents.

Awareness

Describes the basic principles of incident management, incident investigation and response. Implements processes, procedures and systems for responding to and investigating incidents

Follows documented principles and guidelines for incident management, incident investigation and response activities with supervision

Working

Contributes to incident management, incident investigation and response policy and/or incident management processes, procedures and systems

Follows documented principles and guidelines for incident management, incident investigation and response activities with limited direction/supervision

Practitioner

Defines incident management, incident investigation and response policy and/or incident management and investigation processes, procedures and systems

Follows documented principles and guidelines for incident management, incident investigation and response activities

Advises others on incident management, incident investigation and response processes

Expert

Champions incident management, incident investigation and response policy and/or incident management and investigation processes, procedures and systems

Shapes incident management, system response, incident investigation and response principles and guidelines for incident management activities

Advises on corporate and systems response to an incident

Promotes incident management, incident investigation and response best practice

Monitors the effectiveness of reporting
