Incident Response Plan
Reviewed on: 2026-01-21 Status: Draft (requires deployment-specific approval)
This is a baseline incident response plan for Primus deployments. Customize for your organization and approve before production.
Severity Levels
- SEV1: Active breach, widespread outage, or data exfiltration.
- SEV2: Partial outage or high-risk vulnerability exploitation.
- SEV3: Contained issue with limited impact.
Response Phases
- Detect and triage
- Contain and isolate
- Eradicate root cause
- Recover services
- Post-incident review
Required Roles
- Incident commander
- Security lead
- Engineering lead
- Communications lead
Minimum Artifacts
- Timeline of events
- Impact assessment
- Root cause analysis
- Remediation actions
- Follow-up tasks
Review Log
- 2026-01-21: Baseline plan documented. Approval pending.