Scribd Logo
Upload

Welcome to Scribd!

  • Global Critical Event Conduct Flow

    Uploaded by

    Thad Broome
    29 views1 page
    An event is identified through a user report, system monitoring, or a security team alert. If the event is deemed critical or if 30 minutes have elapsed since the first red flag without resolution, the major event process is activated. The event manager acknowledges the hand-off and initiates the SWAT team's response. Regular updates are provided to IT leadership, staff, and management for coordination. The IT I/O and EAD teams take actions to investigate the event's impact and develop a remediation plan. Upon testing and deployment of remediation actions, confirmation of service restoration closes out the event.

    Original Description:

    Workflow for Major Incident management response

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    An event is identified through a user report, system monitoring, or a security team alert. If the event is deemed critical or if 30 minutes have elapsed since the first red flag without resolution, the major event process is activated. The event manager acknowledges the hand-off and initiates the SWAT team's response. Regular updates are provided to IT leadership, staff, and management for coordination. The IT I/O and EAD teams take actions to investigate the event's impact and develop a remediation plan. Upon testing and deployment of remediation actions, confirmation of service restoration closes out the event.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    29 views1 page

    Global Critical Event Conduct Flow

    Uploaded by

    Thad Broome
    An event is identified through a user report, system monitoring, or a security team alert. If the event is deemed critical or if 30 minutes have elapsed since the first red flag without resolution, the major event process is activated. The event manager acknowledges the hand-off and initiates the SWAT team's response. Regular updates are provided to IT leadership, staff, and management for coordination. The IT I/O and EAD teams take actions to investigate the event's impact and develop a remediation plan. Upon testing and deployment of remediation actions, confirmation of service restoration closes out the event.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 1

    Conducting a Major Event occurrence

    High-Level process flow

    Event Identified
    - User Report
    Source

    - System Monitoring
    IT Standard Incident process Event closed
    - Security team alert

    Red Flag

    No
    NOC / SVC DESK

    30 mins
    Activation of Initial Event Alert
    Incoming TRIAGE Critical Elapse since
    Yes Yes Major Event Posted / Distributed
    Event Report Questions Event First red flag
    Process
    Event Manager

    Comms Plan
    Update of Initial
    Event Manager SWAT Initiate d IT Leadership Event
    Major Event Event Alert Regular Updates
    Process
    Acknowledges Event Response
    - Senior Mgt
    IT Staff Management Closure
    hand-off Team Actions SWAT Team Coo rd ination
    - IT Staff
    Bus. Stakeh older
    IT I/O Team

    I/O Actions

    RCA
    and
    Validation of Problem Mgt
    Testing of
    IT EAD Team

    issue
    Event Impact remediation
    Deployment of remediation Assignment of
    and plan
    EAD Actions remediation Problem ownership
    Remediation
    actions Confirmation
    Investigation Sign-off on
    of service Setting of follow up
    action steps
    restoration date
    3rd Party
    Vendor

    Vendor Actions

    You might also like