Australian based Managed IT support offices in Melbourne, Sydney and Brisbane
Powernet Colour a VITG Company POS

Incident Response Planning 101 + [Free Template]

Imagine tomorrow, you walk into your office and turn on your computer only to find that you can't access anything. Your email is blocked, your files are blocked and you shortly realise that your business has been the victim of a cyberattack. What is the first course of action you take?

Having an Incident Response Plan created before an incident takes place can mean the difference between successfully recovering your business, and failing. In this article we will talk through the key components to creating an Incident Response Plan, specific to a cyber breach however, you could apply these points to any business incident. We have also developed a free template for you to download and use as a starting point to build out your plan. 

Communication Plan

In most areas of life, good communication is key to success and managing an incident is no different. Planning and writing down how you will communicate to your team, clients and partners ahead of time means you have one less thing to worry about during a stressful time like a cyber incident.  

Start by writing email templates, one for your team, one for your clients and one for your partners. Give a copy to your Crisis Management Team and have everyone save a copy locally to their computer, that way if you loose access to your files you still have access to local copies. 

Second, have a press release written and ready to go. Being open, upfront and honest about a cyber breach can help your public image during a cyber incident. We have seen examples of companies who have been reluctant to share information when they have been breached which only leads to confusion and mistrust of the people using their platform. 

Finally, have a draft notification ready to go to the OAIC, in many cases, Australian businesses are legally required to notify the OAIC of a cyber breach and failure to do so can result in some pretty hefty fines.  

Crisis Team

Identify a team who will manage your business through a cyber incident ahead of time. Assign a team leader and team members, ideally, these will be people from different departments as each department will have its own unique requirements during a cyber breach. 

Once you have identified the individuals who will form your crisis management team, assign roles to everyone. Some of the key roles are - crisis team lead, communication lead, office coordination lead, technical management lead and return to normal lead. Each role carries different responsibilities, that all feedback into the person managing the incident. 

Business Continuity  

Planning out how your business will continue to operate through an incident means listing out all the ways you could be impacted by a cyber breach and how you can overcome them. Things like loss of email, loss of file access, loss of app access, and identifying how the business would continue to operate without one or all of these services.   

Returning to Normal

Once the cyber incident has been contained and you are able to return to the office, or use your apps again, what steps do you need to take to ensure this type of incident doesn't happen again? Perhaps it is reevaluating your cyber security setup or reviewing your company policies or changing a core business application. Whatever the steps are, having a checklist in place to help guide you through a return to normal review process can help you get started.    

Download Our Incident Response Plan Template

How Powernet can help

Our team of IT Leadership Consultants have written countless incident response plans for all types of businesses. Get in touch to start writing an incident response plan for your business. 

Subscribe to our newsletter for the latest technology tips & tricks.

Recent Articles



Search the Powernet blog

We are well awarded

Reach our team

We’re always happy to help you find the right solutions to your IT and technology needs. Here are some ways to contact us.

Give us a call

Chat with our team to discover the best IT solutions for your organisation.
1300 892 692

Our locations

Melbourne CBD

Level 15 / 565 Bourke Street, Melbourne VIC 3000

Eastern Melbourne

Level 2 / 74 Doncaster Road, Balwyn North VIC 3104

Geelong Region

East 4/13-35 Mackey Street, North Geelong VIC 3215


U18 / 23-31 Bowden Street,
Alexandria NSW 2015
(02) 8214 8855


7/9 Archimedes Place, Murarrie QLD 4172

Send us an enquiry