Computer Security Incident Response Plan (CSIRP)
Process Resource Center

Intent and Key Definitions

Intent: Computer incident response plans are difficult to construct and even more difficult for all stakeholders to understand. Traditional text-based document delivery makes them harder to create and understand. This web-based, visually focused framework dramatically improves incident response delivery and total team comprehension and execution. This Computer Security Incident Response Plan (CSIRP) framework uses the NIST SP 800-61 R2 Incident Response Life Cycle as its foundation. It is supported by a volume of additional authoritative documents from NIST, SANS, Homeland Security, ISACs, MITRE, specific vendors, and more. The framework's visual design, combined with intuitive dynamic navigation, eliminates the confusion associated with this complex, technical domain. Incident-specific resources are readily available at the fingertips of the response team and appropriate stakeholders. Please provide comments and feedback to the Computer Security Incident Response Team (CSIRT) listed in the navigation panel on the left side of this page.

Key Definitions (source: NIST SP 800-61 R2):

  • Event: Any observable occurrence in a network or system.
  • Incident: A violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices.
  • Incident Handling: The mitigation of violations of security policies and recommended practices.

1.3 Build & Maintain Malware-Related Skills
