Incident Response Planning
The document outlines the requirements and guidelines for incident response planning in the context of cyber security incidents. It emphasizes the importance of post-incident reviews to identify vulnerabilities, calculate costs, and assess recovery times. Communication management is highlighted, stressing the need for clear and concise communication with internal and external parties, including authorization to speak, relevant contacts, and statements.
Entities are advised to consult with responsible parties before activating the obligation and to regularly review their incident response plans. Procedures for threat hunting and regulatory compliance are detailed, focusing on education and engagement with responsible entities. Additionally, the document addresses the importance of procedures for removing attacker access, ensuring perimeter security, and validating the removal of attacker access.
For inquiries regarding the license and use of the document, contact sons@homeaffairs.gov.au.
Views: 1
