Abstract

All IT organizations should have an Incident Response Plan whether or not they are dealing with FISMA compliance. An Incident Response Plan describes the incident response processes and the incident response team’s roles and responsibilities. A well thought-out Incident Response Plan helps retain order and efficiency during a stressful situation. Most federal agencies have a Computer Security Incident Response Center (CSIRC). The CSIRC provides centralized response services and coordinates incident response activities. The Incident Response Plan developed for the Security Package does not replace the process already established by the CSIRC—it augments it and embellishes it with the particulars ...