Elements and Performance Criteria
- Confirm cyber security incident and contribute to its containment
- Confirm nature and location of cyber security incident according to organisational policies and procedures
- Estimate risk, likelihood and potential consequence of incident according to organisational response procedures
- Assist in ensuring that cyber incident is contained according to legislative requirements and organisational cyber security incident response plan
- Assist in confirming no further risks according to legislative requirements and organisational response procedures
- Communicate information on cyber security incident
- Escalate cyber security incident with required workplace personnel according to organisational policies and procedures
- Consult with required internal and external stakeholders on communication needs relating to cyber security incident
- Assist in alerting required external parties according to legislative requirements and organisational procedures
- Contribute to post-incident activities
- Support post-breach review and reporting
- Assist in identifying lessons learnt from incident response and recommended changes to cyber security response plan
- Assist in updating cyber security response plan to reflect review outcomes according to organisational policies and procedures
- Communicate lessons learnt and recommendations to required personnel