Information Security Manager (ISM)
The Information Security Manager (ISM) is responsible for maintaining the confidentiality, integrity, and availability of the Organization’s business information. As such, the ISM has senior-level responsibility for the incident response plan.
If an incident has the potential to compromise or disrupt confidentiality, integrity or availability, the ISM has the authority to declare it an incident requiring activation of this plan, as well as the authority to suspend the plan or announce the end of the incident and return to normal operations.
In the absence of the ISM, authority passes to the chief executive or designee (i.e. Leader Alternate).
Incident Response Team (IRT)
The Incident Response Team (IRT) is responsible for working with the ISM to manage recovery from an information security incident or disruption in accordance with this plan.
The ISM will convene the Incident Response Team in the event of an information disruption or information security incident.
At a minimum, the following people, named in the Incident Response Team worksheet of Incident-response-management-lists.xls, constitute the Incident Response Team (IRT):
- The Organization’s Information Security Manager (ISM)
- A representative from the Organization’s executive team
- The Organization’s CIO, IT Director and/or IT Vendor
- The Organization’s information security consultant
- Other individuals, perhaps including in-house or external counsel
The Information Security Manager (ISM) is the Team Lead and serves as the main point of contact for all parties involved in the incident response.
Contributed by Citadel Information Group
© Copyright 2017. Citadel Information Group. All Rights Reserved.