• Incident Management Framework

• Incident Manager

• Define Process Policies, Standards, and Conceptual Models

• Assign Priority

Agreed approaches to handling specific types of incidents.  There may be incident models for incidents on specific platforms, for well-known security incidents, for major incidents, etc. 

An incident model should include the following:

• Procedures to be followed
• How long it should take to handle the incident
• Who is responsible for each aspects of the procedures
• Documentation that must be recorded along the way
• Escalation procedures (if necessary)