← Back to Field Manual
Incident Response Plan Template
Copy, adapt and use this as a starting point for your organisation.
Disclaimer: Template only. Not legal advice. Adapt before use.
Purpose
This plan defines how the organisation will respond to suspected cyber incidents.
Immediate actions
- Stop and preserve evidence.
- Report to the named incident contact.
- Contain affected accounts, devices or services.
- Record decisions and times.
- Escalate where data, money or critical services may be affected.
Roles
| Role | Name | Contact |
|---|---|---|
| Incident Lead | [Name] | [Contact] |
| IT Provider | [Name] | [Contact] |
| Senior Decision Maker | [Name] | [Contact] |