ITIL / ISO 20000 Incident Response and Handling Procedures Checklists Free Download

Download free ITIL / ISO 20000 Incident Response and Handling Procedures Checklists. This simple checklist contains information such as:
1. Determine appropriate response.
• Identify the problem
• Initially, assess the situation to determine current status (e.g., Did an incident occur? Is it over? Is it still spreading?)
• Determine if the incident is criminal in nature; if so, contact law enforcement; otherwise, dispatch the response handler to the scene to preserve evidence
• Determine if keystroke monitoring is required
2. Collect and safeguard the information
• Ensure that audits are turned on (they should already be on) and that they cover the entire period during which the file was accessible
• Obtain the most volatile evidence, including human testimony
• Record everything: annotate dates/times, actions taken, interviews/contacts, extent of problem, etc.
• Log the information in a medium that maintains the integrity of the investigation (i.e., a bound legal notebook that would reveal missing pages, written in ink rather than pencil)
3. Contain the situation. At this point, the threat (e.g., malicious code) has occurred.
• Determine if the system/network must be shut down or taken offline
• Estimate the impact to operations if the system/network is taken offline
• Determine best course of action to minimize downtime
• Follow procedures for appropriate measured response for isolation

| Attachment | Size |
|---|---|
| incident-response-and-handling-procedures-checklists.xls | 21.5 KB |