Skip to main content

Incident Response

Incident Response Program Plan

A response planning project defining roles, escalation paths, communications, and post-incident improvement activities.

Organization
Cybersecurity Internship Portfolio
Duration
2 weeks
Project Type
Incident Response
NIST CSFCIS Controls

Business Context

Why the work mattered

The organization needed a practical incident response structure to reduce confusion during security events. The project emphasized roles, communications, escalation, and recovery coordination.

Objectives

Engagement goals

Define incident roles and responsibilities.

Create an escalation workflow.

Prepare stakeholder communication guidance.

Include lessons learned and improvement tracking.

Methodology

Structured process

The methodology explains how the work moved from context gathering to documented recommendations.

  1. Step 1

    Role Definition

    Clarify accountability during incidents.

    Defined response roles across security, IT, leadership, legal, and communications.

  2. Step 2

    Lifecycle Mapping

    Align response with recognized lifecycle phases.

    Mapped preparation, detection, containment, eradication, recovery, and lessons learned.

  3. Step 3

    Tabletop Scenario

    Test readiness through discussion.

    Created a scenario prompt and facilitator questions for response rehearsal.

Deliverables

Artifacts produced

Preparedness

Incident Response Plan

Documented response lifecycle, roles, escalation, and communication expectations.

Reduces ambiguity when timely decisions matter.

Skills Demonstrated

Professional competencies

Incident PlanningCommunication PlanningTabletop Design

Outcomes

Project impact

  • Response responsibilities were made explicit.
  • The plan supported future tabletop exercises and continuous improvement.

Lessons Learned

Professional growth

Preparedness depends as much on communication clarity as technical response steps.

Related Projects

Continue exploring

Governance

Governance Policy Development

A structured policy development engagement aligning security expectations with business objectives and recognized frameworks.

ISO 27001NIST CSFCIS Controls
Policy DevelopmentControl MappingTechnical Writing
View case study

Internal Audit

Internal Cybersecurity Audit

An internal assessment that reviewed security controls, documented gaps, and produced a prioritized remediation roadmap.

NIST CSFCIS ControlsISO 27001
Internal AuditGap AnalysisRisk Reporting
View case study

Risk Management

Enterprise Risk Assessment

A risk assessment project documenting assets, threats, likelihood, impact, and treatment options for management review.

CIS RAMNIST CSFISO 27001
Risk AssessmentRisk RegisterBusiness Impact Analysis
View case study

Discuss GRC opportunities

Contact Osen after reviewing this project or download the resume for a concise overview.