Incident Response Plan Block
Document incident response procedures with severity levels, triage steps, resolution actions, and communication plans.
The Incident Response Plan block documents how to handle specific types of incidents. It captures the incident type, severity, detection methods, triage steps, resolution procedures, communication requirements, and post-incident actions.
When to Use
Block Properties
| Property | Required | Description |
|---|---|---|
| Incident Type | Yes | Category of incident |
| Severity | Yes | Critical, High, Medium, or Low |
| Detection | No | How the incident is typically identified |
| Triage Steps | No | Initial assessment actions |
| Resolution Steps | No | Actions to resolve the incident |
| Communication Plan | No | Who to notify and how |
| Post-Incident Actions | No | Follow-up activities after resolution |
| Owner | No | Responsible team or role |
Severity Levels
Example: Critical Severity
A database outage requiring immediate response.
Example: High Severity
A security breach requiring coordinated response.
Example: Medium Severity
A service degradation affecting some users.
Example: Low Severity
A minor issue with limited impact.