Security incident management
Computer security incident management is an administrative function of managing and protecting computer assets, networks and information systems. At present there are no standards dedicated to it, although ITIL and ISO 27001 include it.
As systems continue to become more critical to the personal and economic welfare of our society, organisations (public and private sector groups, associations and enterprises) must understand their responsibilities to the public good and to the welfare of their memberships and stakeholders.
This responsibility extends to having a management programme for 'what to do when things go wrong'. Incident management is a programme that defines and implements a process an organisation may adopt to promote its own welfare and the security of the public.
There are three basic types of events:
- A normal event does not affect critical components, or require change controls, prior to the implementation of a resolution. Normal events do not require the participation of senior personnel or management notification of the event.
- An escalated event affects critical production systems, or requires the implementation of a resolution that must follow a change control process. Escalated events require the participation of senior personnel and stakeholder notification of the event.
- An emergency is an event which may:
  - impact the health or safety of human beings
  - breach primary controls of critical systems
  - materially affect component performance or, because of impact to component systems, prevent activities which protect or may affect the health or safety of individuals
  - be deemed an emergency as a matter of policy or by declaration by the available incident coordinator.
Computer security and information technology personnel must handle emergency events according to a well-defined computer security incident response plan.
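The three-tier classification above, written out as triage logic so the precedence of the criteria and the handling obligations each tier implies are explicit. This is an added example, not code from the original page; the `Event` field names and the sample events are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from enum import Enum


class Severity(Enum):
    NORMAL = "normal"
    ESCALATED = "escalated"
    EMERGENCY = "emergency"


@dataclass
class Event:
    """Attributes recorded at triage (field names are assumed, not from the page)."""
    description: str
    affects_critical_system: bool = False      # touches critical production components
    needs_change_control: bool = False         # resolution must follow change control
    safety_impact: bool = False                # may impact health or safety of people
    breaches_primary_control: bool = False     # primary control of a critical system breached
    impairs_protective_activity: bool = False  # blocks activities that protect people
    declared_emergency: bool = False           # declared by policy or the incident coordinator


def classify(event: Event) -> Severity:
    """Apply the three-tier scheme; any emergency criterion takes precedence."""
    if (event.safety_impact or event.breaches_primary_control
            or event.impairs_protective_activity or event.declared_emergency):
        return Severity.EMERGENCY
    if event.affects_critical_system or event.needs_change_control:
        return Severity.ESCALATED
    return Severity.NORMAL


def required_actions(event: Event) -> dict:
    """Handling obligations implied by the event's severity."""
    sev = classify(event)
    return {
        "severity": sev.value,
        "change_control": event.needs_change_control,
        "senior_personnel": sev is not Severity.NORMAL,
        "notify_stakeholders": sev is not Severity.NORMAL,
        "invoke_incident_response_plan": sev is Severity.EMERGENCY,
    }


# Constructed sample events, one per tier.
SAMPLE_EVENTS = [
    Event("Single workstation antivirus quarantine"),
    Event("Patch on payment gateway cluster", affects_critical_system=True, needs_change_control=True),
    Event("Authentication bypass on plant safety controller", breaches_primary_control=True),
]

if __name__ == "__main__":
    for ev in SAMPLE_EVENTS:
        print(ev.description, "->", required_actions(ev))
```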