The SIRT Team is responsible for timely and accurate documentation of every step in the security incident investigation. This documentation can best be organized using the following sample SIRT Team Incident Report Format.
Security Incident Response Report Format
(Note: Critical and major incidents require paging the SIRT Team Leader immediately.)
A. Incident Response Data Collection
This portion of the security incident documentation records the “when” and “what” of the particular incident. Critical and Major security breaches or incidents will require SIRT ...