π‘
Executive Overview β triggers, activation protocol, pre-incident prep checklist
π₯
Roles & Responsibilities Matrix β IR Lead, Comms, Legal, IT, HR, Executive Sponsor
π¦
Severity Classification Framework β SEV 1β4 definitions, response times, team activation
π
Containment, Eradication & Recovery Checklist β step-by-step for each phase
π
Evidence Preservation Protocol β chain of custody, volatile data capture, what NOT to touch
π
Communications Templates β internal, customer, HIPAA 60-day, GDPR 72-hour, SEC 8-K
π―
3 Tabletop Exercise Scenarios β ransomware, BEC/wire fraud, insider data theft
π
Post-incident Review Template β response evaluation, action items, maintenance log
π
Vendor Contact Sheet β DFIR, breach counsel, cyber insurer, FBI IC3, CISA
βοΈ
Regulator Notification Deadline Reference β HIPAA, GDPR, SEC 8-K, NYDFS, DORA, state AGs, PCI DSS