Incident Management

INCIDENT MANAGEMENT REVIEW & ALIGNMENT

ccm.jpgIn order for POC to fully understand the risks faced by an organisation through fraud and malpractice, POC recommend that a review of the organisational Incident Management Framework is undertaken to ensure that the documentation and investigation processes are aligned with POC’s recommended approach to managing and investigating incidents.

The procedures that we have developed ensure that any incident is managed in accordance with best practice and that the evidence collected is in accordance with evidential standards of admissibility and can be used to:

  • Determine the cause of the incident and assess measures to prevent it from happening again;
  • Prosecute or invoke disciplinary actions to the individual causing the incident to deter future perpetrators;

As organisations become more complex it is crucial that an incident management capability is integrated into day to day business functions. Incident management is not just the application of technology to resolve computer security events, it is also the development of a set of processes and procedures that are consistent, repeatable, measurable, and understood within the organisation.

POC has an extensive team of specialist consultants and investigators who have detailed knowledge of security incident management as well as mitigation and resolution strategies.  This specialist knowledge has allowed POC to develop a successful and auditable set of incident management processes that can be broken down into five key areas:

  • Identification;

  • Impact Assessment;

  • Managing an Incident;

  • Investigating an Incident;

  • Post-Incident Analysis.

The approach is demonstrated in figure 1 below:

incident.JPG