Skip to content

Procedures to

Establish an ICS4ICS program and enable your team to perform during an incident with proven procedures.

ICS4ICS created templates to help companies and organizations develop procedures that should be developed as part of deploying an ICS4ICS program. These procedures will enable companies and organizations to make various decisions and act during an incident:

  • Ransomware Procedure

    Can be used to define company policies and legal requirements when considering paying ransomware. The procedure establishes a team authorized to make ransomware decisions.

    Template

  • Government Reporting Procedure

    Can be used to define company policies and legal requirements to guide government reporting decisions related to cyber incidents. The procedure establishes a team authorized to make government reporting decisions.

    Template

  • Escalation-Notification-Declaration Procedures

    Can be used to define company escalation procedures with criteria for when an Incident Commander should be informed of a major event. The document includes sample criteria for declaring an Incident and information about notification alternatives.

    Template

  • IT and OT Procedures

    Help to prepare staff to make and execute IT and OT decisions during a cyber incident. For example, IT or OT procedures may be needed to isolate or shutdown ICS/OT systems that have been infected with malware. A procedure may be needed to help onsite IT and OT staff to assess problems before calling support staff.

    Template

ICS4ICS Exercise Team

The ICS4ICS exercise team creates most of the ICS4ICS exercise materials and many of the ICS4ICS resources. The team meets monthly.

Monthly Newsletter

Want to be added to the ICS4ICS monthly newsletter or join some of the eICS4ICS teams?