In terms of incident response, being able to identify the issue at hand is a critical piece of the preparation puzzle. An article in Swimlane describes how to work with your company’s team to ensure they can properly respond when an emergency occurs. Instead of leaving identification of issues open to variations in expertise and resources, the article suggests using NIST (National Institute of Standards and Technology) guidelines to formalize the process and build on a baseline measurement to establish a framework.
The article also indicates the following questions to be answered when determining if there has been an incident:
have there been violations of a) laws or regulations (PCI/DSS, HIPAA, FERPA) or public notification required? b) corporate policy and c) corporate values and/or ethics.
Source:
https://swimlane.com/blog/the-role-of-preparation-and-process-in-incident-response/