Incident Management

Having a program for managing incidents is critical for any company, but especially for financial institutions such as banks, savings associations, credit unions, and trust companies. According to the Interagency Guidance on Response Programs, "a response program should be a key part of an institution's security program." As such, an effective incident response plan should be designed to protect customer and member information, prevent losses, and return systems to normal operation as soon as possible.

Incident Response Plan

Improve your response process with features designed to help you develop and manage your formal Incident Response Plan.

Based on FFIEC-recommended elements, tailor action plans for analyzing, containing, and recovering from an incident; communication guidelines for coordinating with law enforcement, third parties, and customers; and handling processes to help facilitate the institution's resilience.

Tracking & Documenting

Use the incident tracking system to document incidents as they occur. From incident detection through post-incident activities, use the flexible framework to ensure all aspects of an incident are adequately documented and can be referenced to improve future incident response processes.

Timeline

Review updates to incident records using the automated timeline. This audit trail provides a series of date-and-time stamped actions, designed to improve communication among members of the incident response team and provide an authoritative listing of what took place during the response process.

Action Plans

Develop standard response procedures for certain types of incidents. Starting with a base action plan, stack category-specific action plans to build a series of steps for your teams to follow in the event of any type of incident. With both template and custom plans, you can ensure accurate and efficient responses.

CoNetrix offers online software to facilitate the development and maintenance of an incident response plan, following guidance from the Federal Financial Institutions Examination Council (FFIEC), National Institute of Standards and Technology (NIST), and other regulating bodies (e.g., FDIC, FRB, NCUA, OCC, etc.). Our software and templates help institutions comply with expectations in the FFIEC's Information Security Booklet and Cybersecurity Assessment Tool, as well as the FDIC's Information Technology Risk Examination (InTREx) Program.

The Incident Management product also features the ability to track and document the response process through the six stages of an incident as outlined by the NIST SP800-61 Rev. 2, Computer Security Incident Handling Guide. With date-and-time stamped events recorded and ready for download, your organization will be able to regroup after an incident and update the response plan accordingly.

Incident Response Teams

Identify teams to oversee your organization's security incident response processes. To ensure the team can adequately perform, coordinate, and support responses to security intrusions , document each team member's contact information, outline the team's roles and responsibilities, and assign handler roles to team members in the incident tracking system.

Handlers

Define incident handler roles and responsibilities to ensure response processes are comprehensive and coordinated . Create and assign handler roles to ensure applicable personnel understand their role in containing intrusions, restoring systems, communicating with affected parties, and more.

Categories

To enable timely classification of incidents , apply categories to classify the incident and trigger certain responses through associated action plans. Associate template categories (e.g., data breach, malicious code, social engineering, third party, etc.) or create your own.

Preview Action Plans

Review your action plans prior to using them in incident response. Using the action plan preview offers an easy way to ensure action steps are comprehensive, ordered logically, and would be easy to follow in the event of an incident.

Downloads

Effortlessly generate your incident response plan or details about incidents that have occurred to share with your executive team, board of directors, auditors, and examiners.

These customizable documents are available in Microsoft Word and Adobe PDF formats.

Features

The CoNetrix Tandem Incident Management software is feature-rich, including:

• Use global reporting to generate standardized documents
• Start with our template incident response plan text and customize it to make it your own
• Specify roles and responsibilities for incident response within your organization
• Store contact information for third parties needed for incident response
• Create custom sections for your incident response plan document
• Define terms used in your incident response plan with a built-in glossary
• Track an unlimited number of incidents
• Document and track the chain-of-custody for evidence related to incidents
• Create incident handling tasks, assign them to users, and monitor their status
• Run reports to identify gaps in your incident handling

For professional services, ask your account representative about adding Boost Consulting services.