ABCDEFGHIJKLMNOPQRSTUVWXYZAA
1
2
Incident Severity Definitions
3

What is this template for?
Incidents happen. Whether its a production bug or a security event, it's important that we are prepared and ready to respond. The last thing we want to do in these stressful circumstances is waste time arguing about how serious the issue is. Incident severity defintions allow you to decide in advance what constitutes a severe incident and how you would expect to respond.

Why should you use this template?
To understand and define the characteristics of software security incidents by severity.

How to use this template?
Complete the template in the tab named "Incident Severity Definitions". Use the example to guide you.

Usage tips:
1. Every organization and context is different, make sure your definitions and severity levels suit your environment and risks.
2. Security is a team sport, invite your team mates to collaborate - this will be helpful when you come to use these definitions later.
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100