Incident Management

Evaluates executive accountability, policy framework, resource allocation, and strategic alignment.

Assesses team structure, staffing, skills, training, and readiness of incident response teams.

Evaluates monitoring capabilities, detection mechanisms, alert management, and threat intelligence integration.

Evaluates classification schemas, severity definitions, prioritization processes, and major incident criteria.

Assesses response procedures, containment strategies, eradication capabilities, and coordination during incidents.

Evaluates internal and external communication, regulatory notification compliance, and crisis communication.

Assesses forensic readiness, evidence collection, chain of custody, and support for legal proceedings.

Evaluates recovery procedures, service restoration, validation testing, and business continuity integration.

Assesses post-incident reviews, root cause analysis, lessons learned, and continuous improvement.