|
URL: http:// www.ietf.org/rfc/rfc2350.txt
The purpose of this document is to express the
general Internet community's expectations of Computer Security Incident
Response Teams (CSIRTs). It is not possible to define a set of requirements
that would be appropriate for all teams, but it is possible and helpful to list
and describe the general set of topics and issues that are of concern and
interest to constituent communities.
CSIRT constituents have a legitimate need and right
to fully understand the policies and procedures of 'their' Computer Security
Incident Response Team. One way to support this understanding is to supply
detailed information which users may consider, in the form of a formal template
completed by the CSIRT. An outline of such a template and a filled in example
are provided.
|
