HOW TO USE THIS GUIDE:
This guide is based on the previous document, Best Practices for Establishing a National CSIRT1,
developed by the Organization of American States (OAS) in 2016, which covers topics on planning and implementing a Computer Security Incident Response Team (CSIRT), including its organization, human resources, training, and infrastructure aspects, among others. This second edition is intended to build upon the previous and serve as a directional guide for project leaders, decision makers, and anyone interested in creating, developing, modernizing, or sustaining a strategically focused CSIRT.
The guide is limited to CSIRTs in the public sphere, with a special focus on Latin America and the
Caribbean, and is based on more than 15 years’ experience, paired with the OAS’s knowledge on
the topic, as well as real statistical data obtained from the CSIRTAmericas Network2 of the Inter-
American Committee Against Terrorism of the Organization of American States (CICTE/OAS,
for their acronyms in Spanish). Additionally, it takes advice and experiences from regional and
international facilitators who were interviewed and cited for purely educational purposes in the
preparation of this document.
This guide presents general recommendations, so it is important to understand that when
evaluating best practices, it is essential to contextualize the space, time, and resources available to each situation. Each country has a different political structure, culture, geographical landscape, and legal framework. As such, this guide is not meant to serve as a static template, but rather as a resource adaptable to local conditions, as necessary.