Incident Handling and Response Capability: An IT Security Safeguard
Part 2: Establishing the Capability
Catherine M. Woodbury, CISSP - May 8, 2002

Establishing the Capability

What are some of the steps an organization must accomplish to establish an Incident Handling and Response capability?<br>&nbsp; <br> Most IT Security Teams realize they need an Incident Handling and Response capability. Some may already be on their way to building one internally using an internal expert or sending IT Security team members to a formal class. If funding allows, an outside source may be brought in to get the program running quickly and efficiently. Regardless of the means to accomplish this capability, there are three fundamental steps and associated documentation to build this capability.<br>&nbsp; <br> <font color="#336699">This is <b>Part 2</b> of a 2-part article on IT Security, details the necessary steps to establish an Incident Handling and Response Capability.<br>&nbsp; <br> <a href="/Research/ResearchHighlights/Security/2002/05/research_notes/MI_ST_XCW_05_07_02_1.asp" target="_blank"><b>Part 1</b></a> discussed the technologies and programs an organization needs to benefit from this capability.</font>..