Get Nciipc Incident Report Form

This guide provides a clear and comprehensive approach to filling out the NCIIPC Incident Report Form online. By following the outlined steps, users can ensure that they complete the form accurately and efficiently.

Follow the steps to fill out the form effectively.

1. Press the ‘Get Form’ button to access the form and open it in your editor.
2. Begin with Section A: General Information. Enter the name and address of the Critical Infrastructure (CI) along with the name and contact details of the Chief Information Security Officer (CISO) and the office managing the incident.
3. Next, specify the date and approximate time the incident occurred to provide a timeline of events.
4. Select the type of attack from the provided options by checking the corresponding box. Ensure that you explore all attack types relevant to the incident.
5. In the provided space, write a brief description of the incident. Be concise but include all essential details.
6. Indicate which interface was affected. Options include Public Network, Internal Network, or Other, depending on the specifics of the incident.
7. Detail the incident handling steps taken. Consider immediate actions, long-term strategies, and if a system backup plan was successfully implemented, provide those details.
8. Specify if other agencies, such as CERT, have been informed about the incident. If so, mention them in the designated section.
9. Identify the impact of the incident on Critical Information Infrastructures (CII) assets by checking all that apply.
10. List the number of users affected by the incident to quantify its impact.
11. Document the duration of the incident, including the start and end date and time.
12. Explain the impact on dependent ICT systems as needed.
13. Provide the threat profile including the attacking IP address and source port of the attacking machine.
14. Check the type of attack again from the options provided to ensure accurate categorization.
15. Conduct a root cause analysis by documenting available reports. If any reports are not available, indicate this clearly.
16. Describe the current status of the incident and provide additional details on a separate sheet if necessary.
17. Discuss whether a Crisis Management Plan was offered. Provide a detailed explanation as required.
18. Once all sections are completed, review the form for accuracy. You can then save changes, and download, print, or share the completed form.

Complete your NCIIPC Incident Report Form online today for thorough documentation and effective incident management.