Custom Incident Response Plans for Everyone

Expanding our efforts to bring quality plans to every organization

Summary

Starting with a high-quality incident response plan template is good, but we can do better with a convenient tool to customize that template for your organization. We’ve released an easy-to-use app that lets you enter simple information about your organization and download a customized plan. The output is ready to use immediately, and contains instructions for how to improve the plan over time.

Incident response planning is a cornerstone of information security and a required component of many compliance regimes - get started with a free custom plan ASAP.

Introduction

Starting with a high-quality incident response plan template is good, but even better is to have a convenient way to customize that template for your organization. We’ve released an easy-to-use app that lets you enter simple information about your organization and download a customized plan. The output is ready to use immediately, and contains instructions for how to improve the plan over time.

How To

Enter Basic Information

The plan builder lets you fill in up to 37 bits of information, often just a name, number, or URL, to fill in key elements of the basic plan template. Your information is all processed in your browser, not stored and not sent anywhere. Of course, if you’d prefer to build your plan yourself there’s always the option to use the open source template directly.

Incident Response Plan Builder

Review and Download

As you enter your information the preview updates in real time, letting you see the results of your efforts. Whenever you’re ready, click the download link to get an HTML copy of your plan. This filled, custom version contains just clean HTML, no styles, and is ready to integrate into your intranet or CMS, or to open in a word processor or text editor and continue to improve.

This is all at no cost, without any gate-keeping or email-harvesting. Better incident response plans are good for everyone.

Continue to Improve

The customization options in the plan builder are just the beginning. Depending on the requirements of your organization, you’ll very likely want to further improve your plan immediately. The generated plan contains helpful guidance for ways in which you might choose to enhance and expand the baseline.

Incident Response Plan Customization Instructions

Sometimes it’s nice to have a second set of eyes to add this next level of polish or to augment your busy team. We’re happy to help take your customizations to the next level, please contact us if we can help.

Built on a Solid Foundation

The plan builder uses the latest version of our concise, directive, specific, flexible, and free template originally released in 2017. We’ve learned a lot since then and that plan has seen numerous improvements; we’re excited to see it continue to improve and expand, and the plan builder will leverage the latest. If you’d like to see improvements to the builder please submit pull requests to the plan template, we love to incorporate great ideas from the community.

A Compliance Head-Start

Besides being a generally good idea, having a customized, effective, and well-practiced incident response plan is required by most compliance regimes and infosec frameworks in common use:

Sector Framework Section(s) Details
Healthcare HIPAA 164.308(a)(6) Standard: Security incident procedures. Implement policies and procedures to address security incidents.
Finance FFIEC III.D “Management should prepare for potential incidents by developing an incident response plan that is comprehensive, coordinated, and integrated with existing institution policies, procedures, and training …”
Retail (Payments) PCI DSS 12.10 “Implement an incident response plan. Be prepared to respond immediately to a system breach.”
Critical Infrastructure NERC CIP CIP-008-5 “Requirements: One or more processes to identify, classify, and respond to Cyber Security Incidents …”
General NIST CSF PR.IP-9, RS.RP-1 “Response plans and recovery plans are in place and managed,” “Response plan is executed during or after an incident”
General CIS CSC 19 “Protect the organization’s information, as well as its reputation, by developing and implementing an incident response infrastructure (e.g., plans, defined roles, training, communications, management oversight) …”
General COBIT DSS04 “Establish and maintain a plan to enable the business and IT organizations to respond to incidents and quickly adapt to disruptions …”

These are far from comprehensive, but clearly illustrate how pervasive the idea of good incident response planning is, and how critical it is to many industries. Different frameworks have different requirements for their plans, but all benefit from a solid starting point.

Conclusion

Our incident response plan builder provides a convenient way to build a customized incident response plan for your organization. Give it a try, let us know what you think - we’re constantly looking for ways to make this more useful to the community. And if you’d like some help with incident response planning, incident response itself, or anything else infosec, don’t hesitate to contact us.