CIS Security Response Process

Description: The CIS Security Response Process enables to react when incidents are confirmed by taking actions to stop the attack, fix the fault, or mitigate the effect of either. The incidents are managed to ensure that they are responded in an effective manner. Decision on how to respond need to be evaluuated and then coordinated and disseminated with other stakeholders. ‘Initial state ‘ A CIS Security Incident Report about a suspicious/malicious activity is received. ‘End state ‘ the suspicious/malicious activity is handled. This activity has no more ability to affect, modify or infect the CIS and a CIS Security Recovery Order is emitted.