- Initiate
- Where should a (potential) incident be reported?
- How will incidents be tracked?
- What are the roles and responsibilities during an incident?
- Communicate
- Where will comms happen? Who will be involved?
- Who will send situation updates? To whom? How often?
- Assess
- Where do we collect information? Who follows up?
- How do we determine severity?