There exist various theories concerning managing employees during a crisis scenario. Nevertheless, security incident response tactics should be viewed as a unique application of contingency management theory that can be coupled with sound risk management practices to enable appropriate situational resolution. Contingency management practitioners assume finding and applying relevant available resources suitable for a circumstantial answer to a managerial concern will render the appropriate solution to an incident. Conjoined, risk management incorporates a systematic approach for identifying risk and defining the impact on an entity’s ability to provide goods and/or services. Therefore, security incident response applicability can be found in availability, responsibility, and authority contingency management attributes directed toward addressing ‘at risk’ information assets.
“View Part I of the Critical Incident Response Elements series here“