ABSTRACT
If you are involved with information systems within an
organization-whether at the highest levels of technical
management or the end user in a remote office-you will
ultimately be faced with a security incident. Managing a
security breach life cycle encompasses many managerial,
technical, communication, and legal disciplines. To sur-
vive an event you need to completely understand the event
and the impacts of properly measuring and investigating.
When reporting an incident, the information provided will
be scrutinized as it rolls up the ranks of the organization.
Ultimately, as the report gains more attention and it nears
the possibility of publication, the structure of the incident
report and supporting information will be critical.
