Incident Response Program Development

Get customized incident-response planning

Next Steps:


With our Incident Response (IR) Team at your side, you’ll receive expert guidance in building your IR program. We understand an IR program impacts many groups within your organization. Our approach is cross-functional and inclusive of all stakeholders. We create a custom plan so you can be assured it is relevant to your organization. Our methodology consists of a modular framework, allowing you to choose components. We also produce an IR program handbook that is easily updated. This allows you to keep your plan current as personnel, networks, and equipment change.

Key Benefits

The primary objective of an Incident Response (IR) program is to establish and maintain the ability to identify and respond effectively to computer security incidents. During Incident Response Program Development, Foundstone tailors a proven, formal investigative process to respond to and resolve computer security incidents at your organization. These incidents include network-based attacks such as email viruses, denial-of-service (DOS) attacks, unauthorized access, inappropriate use of network resources, and any other type of unauthorized, unacceptable, or unlawful activity involving your organization’s computer networks and data processing equipment.


Foundstone Professional Services Incident Response Program Development is based on a seven-step process:

  • Client interviews
  • Gap analysis
  • Creation of Incident Response (IR) documents
  • Internal IR training
  • Dry-run exercises
  • Management presentation
  • Plan adoption and sign-off

A typical IR program management engagement ranges from 8 to 12 weeks, depending on the size of the organization, the maturity of the existing plan, and the number of stakeholders.