One of the three core activities your information security architecture and management framework must deliver to your organisation is proactive business technology information security incident management. The business must be able to detect and proactively respond to attempts to breach the defined and implemented protection around its information flow channels and contents.
Appropriate structures need be built into every critical business information asset based on the value and risks to the organisation.
Incident response needs to be proactive or within the least /shortest possible timeframe for your organisation. Also, incident response activities (and management of) must be in compliance with appropriate regulatory requirements to ensure that your business and organisation can remain under indemnity in the event that becomes necessary.
For some organisation, the design, implementation and operation of business information security incident management frameworks need to comply with Records Act, Privacy Act, Lawful Interception rules, etc. At the surface many of these requirements may appear to be diametrically opposite and with contending requirements. But we have developed a framework to help organisations achieve a balanced architecture that delivers a cost effective incident management capability.
We can help you.