Incident Handling

The Application Procedure follows below:

Incident handling is regarded as the quintessential incident management service – the core business of the majority of CSIRTs. Incident handling has four major components, which are given here in the order in
which incidents occur. First, an incident is reported or otherwise detected (detection). Then the incident is assessed, categorised, prioritised and is queued for action (triage). Next is research on the incident, what has happened, who is affected and so on (analysis). Finally, actions are taken to do all that is necessary to resolve the incident (incident response).