When a security breach occurs, IT teams that are armed with incident response checklists will be better prepared to execute a fast and effective response.
The 'Jump Bag'
The SANS Institute, a leading source of information for incident responders, recommends that each team member keep a "jump bag" of important tools on hand. In the event of a security incident, this will enable them to initiate a "grab-and-go" response at any time. The checklist for this bag should cover all the tools needed for rapid response, including USB drives, up-to-date anti-malware applications, forensic software such as Forensic Toolkit (FTK) or EnCase, network cables, hard drive duplicators and more. One of the most important tools to keep in this bag is an incident handler's journal, which should be used to document the who, what, where, when and why of an incident.