Expanding our efforts to bring quality plans to every organization
Starting with a high-quality incident response plan template is good, but we can do better with a convenient tool to customize that template for your organization. We’ve released an easy-to-use app that lets you enter simple information about your organization and download a customized plan. The output is ready to use immediately, and contains instructions for how to improve the plan over time.
Incident response planning is a cornerstone of information security and a required component of many compliance regimes - get started with a free custom plan ASAP.
Starting with a high-quality incident response plan template is good, but even better is to have a convenient way to customize that template for your organization. We’ve released an easy-to-use app that lets you enter simple information about your organization and download a customized plan. The output is ready to use immediately, and contains instructions for how to improve the plan over time.
Enter Basic Information
The plan builder lets you fill in up to 37 bits of information, often just a name, number, or URL, to fill in key elements of the basic plan template. Your information is all processed in your browser, not stored and not sent anywhere. Of course, if you’d prefer to build your plan yourself there’s always the option to use the open source template directly.
Review and Download
As you enter your information the preview updates in real time, letting you see the results of your efforts. Whenever you’re ready, click the download link to get an HTML copy of your plan. This filled, custom version contains just clean HTML, no styles, and is ready to integrate into your intranet or CMS, or to open in a word processor or text editor and continue to improve.
This is all at no cost, without any gate-keeping or email-harvesting. Better incident response plans are good for everyone.
Continue to Improve
The customization options in the plan builder are just the beginning. Depending on the requirements of your organization, you’ll very likely want to further improve your plan immediately. The generated plan contains helpful guidance for ways in which you might choose to enhance and expand the baseline.
Sometimes it’s nice to have a second set of eyes to add this next level of polish or to augment your busy team. We’re happy to help take your customizations to the next level, please contact us if we can help.
Built on a Solid Foundation
The plan builder uses the latest version of our concise, directive, specific, flexible, and free template originally released in 2017. We’ve learned a lot since then and that plan has seen numerous improvements; we’re excited to see it continue to improve and expand, and the plan builder will leverage the latest. If you’d like to see improvements to the builder please submit pull requests to the plan template, we love to incorporate great ideas from the community.
A Compliance Head-Start
Besides being a generally good idea, having a customized, effective, and well-practiced incident response plan is required by most compliance regimes and infosec frameworks in common use:
“Management should prepare for potential incidents by developing an incident response plan that is comprehensive, coordinated, and integrated with existing institution policies, procedures, and training …”
“Protect the organization’s information, as well as its reputation, by developing and implementing an incident response infrastructure (e.g., plans, defined roles, training, communications, management oversight) …”
“Establish and maintain a plan to enable the business and IT organizations to respond to incidents and quickly adapt to disruptions …”
These are far from comprehensive, but clearly illustrate how pervasive the idea of good incident response planning is, and how critical it is to many industries. Different frameworks have different requirements for their plans, but all benefit from a solid starting point.
Our incident response plan builder provides a convenient way to build a customized incident response plan for your organization. Give it a try, let us know what you think - we’re constantly looking for ways to make this more useful to the community. And if you’d like some help with incident response planning, incident response itself, or anything else infosec, don’t hesitate to contact us.