Incident Management (Contingency Planning) Templates

The incident management (contingency planning) process should, therefore, encompass:

Immediately limiting or restricting any further impact of the incident;
Identification of the incident, and of its seriousness, with any analysis necessary to ascertain its cause(s), including the vulnerabilities it exploited;
Tactics (which are in line with organizational priorities and affordable) for containing the incident, so that damage does not spread;
Corrective action, which should be carried out only after appropriate planning (remember the PDCA model) and which should also aim to prevent recurrence;
Communication, certainly with those affected and with those involved in the corrective action; and
Reporting the incident internally, almost certainly to the management information security forum (or whatever alternative oversight mechanism the organization has put in place).