The organization shall ensure that clear persons are assigned to incident management responsibilities, e.g. handling the first response for incidents.
Incident management personnel need to be instructed and trained to understand the organization's priorities in dealing with security incidents.
In the event of an incident , communication with internal and external stakeholders must be in accordance with the incident response plan.
The organization has defined a process and the team involved in responding promptly to security incidents and deciding on the appropriate actions.
The first level response process includes at least: