Handbook for Computer Security Incident Response Teams (CSIRTs)
The document is aimed at aiding the planning, creation and development of CSIRTs: teams trained specifically to deal with IT security incidents.
One of the principal tasks of such teams is to act in emergencies, once irregularities or incidents have been detected, as a kind of “IT emergency service”. They are also set up to carry out preventive measures, publishing documents and promoting security training.
The document explains procedures and policies for implementing this kind of service. The “Handbook for CSIRTs” also describes how teams should interact with other organizations and how sensitive information should be handled.
Download the paper in PDF format here.