Lost Password? No account yet? Register
  • Increase font size
  • Decrease font size
  • Default font size

WWW.BS25999.COM

Sunday
Jul 06th
Home arrow Content arrow Incident Management arrow Generic Incident Management Concepts
Generic Incident Management Concepts PDF Print E-mail

The broad objective of incident management is to enable the organisation to recover from a disruptive event.

In the broader sense an incident management framework can be used for all manner of events, not necessarily those which might be traditionally labelled as business continuity. These might be financial, reputational or information security for example.

 

 

The standard incident management framework works on the 4C principle.

Confirm

Find out what has happened

Create an initial impression of the nature of the incident.

Inputs may come from staff members, external agencies, monitoring equipment and the media. In the initial stages of an incident it is not likely that this initial picture will be 100% correct but this is not an impediment to action.

Share that initial impression with others as appropriate but always caveat that impression with the likelihood that it may not be accurate.

The impact on the organisation may not yet be clear but beyond safety issues confirming the incidents impact on the organisation should be a prime activity.

Contain

Make sure things don't get worse

This may not always be possible without additional actions but it should always be one of the initial actions. The initial incident trigger may have already happened and concluded, for example a building burning down but this may not always be as simple as that, a computer virus infection may be contained by rapid action for example.

Control

Get a grip of the incident and work out what you are going to do

The incident management plan and business impact analysis should be intimately linked, the BIA having identified mission critical activities. The defined business continuity strategies will have also identified the methods by which the organisation has chosen to recover.

The incident may be controlled and managed using a wide variety of processes specific to both the nature of the incident and the organisational goals/resources.

Communicate

Let subordinates, other teams and stakeholders know what they need to, what they should do and what they need to tell you. Handle the media

There is little point to incident management without being able to direct others and receive feedback.

Effective communications is vital to the incident management process.

Normally the incident management procedure will be triggered by a number of methods, depending on the nature of the incident and the time it happened. For example, a building fire in the middle of the night might first be known about by the onsite security team. A safety related incident might be triggered by an accident report or a security incident first known about by the IT Manager.

Incidents by their very nature are varied and the means of actually getting to the incident management phase and the decision making processes should be thoroughly tested and thought through.

 

 

These are iterative processes and does not need to be completed before moving onto the next stage, the full details of an incident may not be clear for several days and do not preclude addressing the other processes.

The main quality of any incident management plan is flexibility, too rigid structures and procedures are unlikely to meet the needs of all incidents.

Within this framework it is vital that the safety of individuals is the first priority.

Checklists are an effective means of working through the incident in a logical manner without missing anything

 

Document author: Harvey Fawcett

 

 

 

 

Comments (0)add
Write comment
smaller | bigger

security image
Write the displayed characters


busy
 
< Prev   Next >
[ Back ]