Responding to an information technology incident

How you respond to information technology (IT) incidents determines how well your business recovers, and also influences customers' ideas about your reliability.

An IT incident can be confined to the IT components of your business, such as a denial of service attack that targets your business. An IT incident can also be part of a wider business crisis, such as widespread damage to networks due to natural disasters.

Your IT risk management plan and business continuity plan should include:

  • IT incident response plans
  • emergency response plans
  • recovery plans.

IT incident response plans

IT incident response plans identify principal IT risks and the steps you need to take to mitigate effects or damage. They may include details of key staff who need to be notified, priority actions, communication plans, contact lists and an event log to record actions taken.

Emergency response plans

IT incidents may be the result of a wider crisis, such as an explosion, bushfire or flood. In any emergency situation the safety of staff and members of the public are your first priority. An IT incident response plan should integrate with and support emergency response plans.

IT incident recovery plans

A recovery plan will help you respond effectively if an IT incident or crisis affects your business. A recovery plan can shorten recovery times and minimise losses, and should include:

  • strategies to recover your business activities in the quickest possible time
  • a description of key resources, equipment and staff required to recover your operations
  • your recovery time objectives.

Read more about developing an incident recovery plan.

Also consider...