security-incident-response
Jochem de Boer edited this page 2026-04-13 14:33:49 +00:00
Incident Response
Incident Classification
| Severity | Definition | Response Time | Examples |
|---|---|---|---|
| Critical | System down, data breach | Immediate | Production outage, unauthorized access |
| High | Significant impact, no data loss | 4 hours | Service degradation, failed deployment |
| Medium | Limited impact | 24 hours | Non-critical bug in production |
| Low | Minimal impact | Next business day | Minor UI issue, documentation error |
Response Procedure
1. Detection & Reporting
How incidents are detected and who to notify.
2. Triage & Classification
How to assess severity and assign ownership.
3. Containment
Immediate steps to limit damage.
4. Resolution
How to fix the issue.
5. Post-Incident Review
Root cause analysis and prevention measures.
Incident Log
| Date | Severity | Description | Resolution | RCA Complete |
|---|---|---|---|---|
Last reviewed: Not yet reviewed