Incident Preparedness

Cyber intrusions and data breaches continue to grow with year on year increases in both frequency and amount of data and records compromised.

Incident Response

Organisations must prepare now, not only on how to respond to security Incidents, but also how to respond to a data breach in a world where speed and transparency are key to securing customer trust.

It takes practice and repetition to succeed in any field, and responding to incidents is no different, yet many organisations do not invest the time or resources in preparing for an unexpected cyber security incident.

Our expert Incident Preparedness service can provide an organisation with the confidence that their incident response policies, plans and procedures are fit for purpose, comply with any required standards and would enable them to recover from a cyber-incident with the minimum of disruption.

We recognise that no single solution will be applicable for every client and therefore tailor the service to the needs of the organisation throughout the delivery.

Key Benefits

  • Assurance that your incident response plans are fit for purpose.
  • Verification of compliance to required standards.
  • Confidence that you could recover from a cyber-incident with the minimum disruption.


Incident Preparedness service begins with client engagement, focussing on what the organisation is looking to achieve. Our team will seek to understand current incident response maturity, what plans or teams are already in place, whether any frameworks or standards are to be used and whether the organisation has experienced any incidents before. We also explore what the client would like to achieve at the end of the engagement, for example: a 3rd party assurance report, a workshop to increase knowledge, a report highlighting how they can improve or a programme of exercises to test how they respond.

Analysis & Reporting

Once the scope is fully defined our team will complete a detailed analysis of the organisations current documentation. This may include review of policies, procedures, processes, details (including lessons learned) of previous incidents, call-out or notification lists, playbooks, outcomes of exercises and communication plans.  Where guided by the client, we will also engage directly with the organisation’s team members.  For example, if a procedure is understood by staff, but not fully documented, details of this can be gathered through interviews. 

With all documentation captured, and analysis is carried out to:

  1. Identify the current maturity of the organisation.
  2. Identify the maturity level the organisation aspires to.
  3. Assess the gap or delta between them.
  4. Determine the work required to achieve the desired maturity level.


The outcome of this analysis is presented in a written report, alongside the top-level impact of the findings and suggested next steps.


If the assessment suggests that development and/or remediation is required to improve incident preparedness capability, we can continue to work with the client to develop their incident response strategies and approaches, and to help them implement it across their organisation.

Testing & Exercising

Once the organisation is confident in its incident response plans we can then work with them to deliver well-developed, tailored table top exercises designed to test procedures and validate playbooks.