Putting Your Incident Management Playbook Into Action: Part 3 – Assess

Putting Your Incident Management Playbook Into Action: Part 3 – Assess

In previous installments of this series, we have looked at the preparation and investigation stages of putting your incident management playbook into action. In the third part of the series, we take a closer look at the actions that incident response teams need to take in order to assess the severity of a security incident and understand remediation actions. 

Assess the Incident

Through the assessment stage, incident response teams should consider a few key steps to understanding the severity of the incident. In this video we explore:

• Determining if the information at risk is protected by jurisdictional or sectoral laws
• Classifying the severity level of the incident
• Establishing a remediation plan
• Developing a plan for notifying the affected individuals and appropriate regulatory bodies 
• Assessing customer and vendor notification obligations 

Further resources for incident management: 

• Get started: OneTrust Incident Management
• OneTrust eBook: Incident Management Playbook
• OneTrust Resource: Incident Management Tabletop Exercise

Follow OneTrust on LinkedIn, Twitter, or YouTube for the latest on incident management.