The Security Incident Response Policy, from TechRepublic Premium, describes the organization’s process for minimizing and mitigating the results of an information technology security-related incident.
From the policy:
The policy’s purpose is to define for employees, IT department staff and users the process to be followed when experiencing a suspected IT-security incident.
This policy can be customized as needed to fit the needs of your organization.
All IT staff, employees, contractors, volunteers, board members and users of any organization-provided computer, device, system, network, application, cloud service or platform are covered by the policy’s terms.
Due to the potential impact of a technology-related breach, malware infection or incident, there are no exceptions to this policy.