Responding to an information technology incident
How you respond to information technology (IT) incidents determines how well your business recovers, and also influences customers' ideas about your reliability.
An IT incident can be confined to the IT components of your business, such as a denial of service attack that targets your business. An IT incident can also be part of a wider business crisis, such as widespread damage to networks due to natural disasters.
- IT incident response plans
- emergency response plans
- recovery plans.
IT incident response plans
IT incident response plans identify principal IT risks and the steps you need to take to mitigate effects or damage. They may include details of key staff who need to be notified, priority actions, communication plans, contact lists and an event log to record actions taken.
Emergency response plans
IT incidents may be the result of a wider crisis, such as an explosion, bushfire or flood. In any emergency situation the safety of staff and members of the public are your first priority. An IT incident response plan should integrate with and support emergency response plans.
IT incident recovery plans
A recovery plan will help you respond effectively if an IT incident or crisis affects your business. A recovery plan can shorten recovery times and minimise losses, and should include:
- strategies to recover your business activities in the quickest possible time
- a description of key resources, equipment and staff required to recover your operations
- your recovery time objectives.
Read more about developing an incident recovery plan.
- Learn about resources to improve the cybersecurity of your business.
- Learn how to prepare an incident response plan, a general plan that is in place in case of a crisis.
- Find out more about keeping your workplace safe.
- Learn how to create a digital strategy for your business.
- Read about how to rebuild your business after a natural disaster.