U.S. Department of Health and Human Services
Incident response plans are documented for systems to ensure computer security incidents are handled efficiently and effectively. Knowing what to do enables you to ensure the confidentiality, integrity, and availability of the information contained within the system is not compromised.
Each OPDIV is responsible for developing and documenting the process and responsibilities for incident response. IT Administrators are most likely to be involved in the Detection, Response, and Resolution phases of the typical five-phase incident response life cycle.
Federal law requires Federal agencies to report incidents to the Federal Computer Incident Response Center (FedCIRC) office within the Department of Homeland Security.
Page 5 of 9
System Security Documentation
Incident Response Plan