Get on to Cert.org, probably on this link
http://www.sei.cmu.edu/publications/documents/04.reports/04tr015.html
Also NIST has something on this topic, I saw sometime back.
Regards,
Lalit Gupta "LG"
Specialist-Information Security
IT & IS Department
-----Original Message-----
From: Smith, Jacqui [mailto:Jacqui.Smith@atosorigin.com]
Sent: Monday, July 25, 2005 9:34 PM
To: security-management@securityfocus.com
Subject: Major incident response procedure
Hi, I wonder if anyone has guidelines on the above subject,
specifically around communications to users and best practices.
Many thanks
Jacqui
________________________________________________________________________
__
This e-mail and the documents attached are confidential and intended
solely for the addressee; it may also be privileged. If you receive this
e-mail in error, please notify the sender immediately and destroy it.
As its integrity cannot be secured on the Internet, the Atos Origin
group
liability cannot be triggered for the message content. Although the
sender endeavours to maintain a computer virus-free network, the sender
does not warrant that this transmission is virus-free and will not be
liable for any damages resulting from any virus transmitted.
________________________________________________________________________
__
#####################################################################
THIS EMAIL MESSAGE IS FOR THE SOLE USE OF THE INTENDED RECIPIENT(S) AND MAY
CONTAIN CONFIDENTIAL AND PRIVILEGED INFORMATION. ANY UNAUTHORIZED REVIEW, USE,
DISCLOSURE OR DISTRIBUTION IS PROHIBITED. BEFORE OPENING ANY ATTACHMENTS PLEASE
CHECK FOR VIRUSES AND DEFECTS. IF YOU ARE NOT THE INTENDED RECIPIENT, PLEASE
NOTIFY US IMMEDIATELY BY REPLY EMAIL AND DELETE THE ORIGINAL MESSAGE.
#####################################################################
