Chapter 3. Planning the Incident Response Program

With so many choices, how does an organization begin to set up an incident response program? As with most journeys (or corporate actions), making the decision to support the idea is the crucial first step. It’s absolutely vital to get senior executive-level support for developing your incident response program. One thing is for certain: anyone proposing this to senior management must be able to make a compelling business case. Although much of the information in this book is meant to make that process easier, we cannot possibly give readers all the material required to take their case to management. A lot of the business case comes down to a cost-benefit analysis, presented so that the executive can quickly see the benefit of establishing an incident response capability. After all, the capability (and management interest!) to respond to fire, theft, burglary, or medical emergencies already exists.

This chapter covers the administrative, management, political, and operational issues of setting up an incident response program. Naturally, the specifics vary by organization, but there should also be a great deal of common ground.

Establishing the Incident Response Program

Once an organization has made the decision to proceed with an incident response program, the fun really begins for those charged with leading the undertaking. Be prepared to spend time documenting technical and managerial procedures, defining staff roles ...
