12 Step Incident Response Framework

12 Step Incident Response Framework

Technology

Having a well-constructed incident response plan is imperative. The victims at the VTA expected to go home to their families one day in May 2021, however, no organization can foresee what incident may be coming their way. 

In May 2021, 57-year-old Samuel James Cassidy set his house on fire and headed to the Santa Clara Valley Transportation Authority (VTA) rail yard where he worked. Opening fire in two buildings, Cassidy shot and killed 9 people before killing himself. 

While we all want to believe that we are safe in the workplace, the unfortunate truth is that workplace incidents are a genuine problem, and it’s far-reaching. 

In fact, an estimated 2 million people experience some form of workplace violence every year—and that number only takes into account the reported incidents. It’s likely much higher when considering those events that have not been reported. And workplace violence is just one of many critical event response solutions that organizations may need to tackle. Failing to prepare can have serious consequences to safety and business continuity.  

So, when the unimaginable happens, and an incident occurs, a solid incident response plan is imperative. 

A solid incident response plan is paramount 

The foundation of a response plan has to be strong, but malleable, so that the general steps can be modified as needed, depending on the incident. The outcome of that plan, when it is implemented, will impact your organization in numerous ways. If constructed well, it will protect first responders, minimize damage, provide support after the incident, and identify areas for improvement in the future. 

Cognizance of potential impacts will help create the framework of a solid plan. And by having that framework in place, an organization will: 

  • Instill confidence by having a clear roadmap of incident response 
  • Help you clearly communicate the plan, including how you identified each step 
  • Serve as a checklist, getting—and keeping—you organized 
  • Aid both you and your team to process any new information during the planning and incident design phase 
  • Help you improve protocols faster and more appropriately after every use, so when an incident does occur, the steps are well-executed.  

Creating your incident response plan framework 

Constructing the framework for an incident response management plan can be daunting if there is no focus. An organization knows that they need a plan, but first, they need to identify the critical components that are impacted by a plan’s execution. 

By identifying those components and keeping them in focus, you can construct your plan in such a way that it maintains those components’ integrity, security, and sustainability throughout the process.  

The components of the incident response framework 

There are 12 primary components that should be addressed in any incident response plan. Even when it’s not an obvious element that may be impacted by an incident, consider each one when constructing your framework. 

  • Individuals. The people who are impacted by the event as it unfolds, including victims and emergency personnel 
  • Activities/Services. The organization’s core mission and activities that are being impacted, such as communication, or physical assistance rendered 
  • Information. The critical details that need to be communicated to respondents 
  • Technological/Material assets. Any assets that may be compromised, either virtually or physically, such as sensitive data or inventory. 
  • Infrastructure/Buildings. Anything that would be physically harmed, including office, building, production and distribution lines, roads and bridges, or other critical structures. 
  • Communications. More than ever, we rely on real-time communications, via phone calls, texts, social media or your mass notification system to convey important information. 
  • Reputation/Perception. Credibility is difficult to build, but it’s even harder to regain trust once it is lost. 
  • Contracts. Binding agreements between your organization and other parties. 
  • Finances. Anything that would be impacted fiscally with an incident. 
  • Governance, regulations, and environment. Those rules, regulations, and laws are set up to protect the general populace. 
  • Legal. Protection from any legal liability and upholding local and state laws. 
  • Insurance. Actions to uphold current and future insurance policies. 

Critical steps to keep in mind 

When you’re creating your incident response plan, keep these two things to be cognizant of in each step: 

  • How will any event you may respond to impact the integrity, security, and sustainability of each of the aforementioned 12 components? 
  • How can your organization’s intervention during the incident continue to uphold the integrity, security, and sustainability of these components? 

Originally Posted on Cobalt Intelligence