ISO27001 Annex A control A5.26 states "Information security incidents shall be responded to in accordance with the documented procedures."
Keep in mind that Incident Response and Contingency plans are meant to be read during the times of 'crisis' and when emotions are running high!
It is of vital importance that your plans are clear and consise so that they can be read and understood by anyone who needs to follow them when things are going wrong all around them!
Plans are not scenario based, so they won't tell you what to do if there is a fire, flood or cyberattack. Our plans focus on the impact, not the cause. this helps keep the plans focused on asking the right qustions and making informed decisions.
Our plans are deceptively simple, but highly effective. Just as it should be.
This document
All our documents are designed with simplicity in mind. But in their simplicty they meet the both the standards, and your needs.
Use these as a springboard towards continual improvement and see your security management system develop and thrive.
Incident Response & Contingency Plan
Hey, we're not going to go all 'legal' on you here... that's not our style. But this is our Intellectual Property, and we'd prefer it if you didn't go sharing this with other people who haven't spent the money and bought a copy.
Of course, we can't really stop you... But are you that kind of person? We don't think you are. So if you want to tell people about your new found super power of ISO27001-Awesomeness, great... just don't give it away for free!