Cyber Crisis Management Plan
Be ready to manage a major cyber incident, not just respond to it.
Plan Review
Against NIST SP 800-61 and ISO 27035
Tabletop Validation
Plan tested through realistic exercises
Board-Endorsed Plan
An executive-level crisis playbook
IR Leaders
Seasoned incident-response leads
What it is
A Cyber Crisis Management Plan is a documented, board-endorsed plan defining how an organisation detects, escalates, responds to and recovers from major cyber incidents. It assigns roles, decision authority, communication and regulatory-notification steps, and is validated through tabletop exercises.
Who must comply
Boards and executives, regulated entities (financial services, critical infrastructure, government suppliers) and any organisation needing to satisfy regulators, insurers or enterprise customers.
How IntelligenceX helps
Frequently Asked Questions
An IR plan is the technical runbook for handling incidents. A CCMP is the broader executive-level crisis plan covering decision authority, board and regulator communication, legal/PR and business continuity.
By testing it. We facilitate a realistic tabletop exercise, capture gaps in an after-action report and refine the playbooks. A CCMP that has never been exercised is the most common failure we find.
At least annually, and after any major change to your business, systems or threat landscape. Each cycle we run a fresh tabletop, capture gaps and refine the playbooks so the plan stays current rather than becoming shelf-ware.