Search prompts…
WorkflowFor DevelopersCybersecurity & Privacy

Security Incident Response Plan.

Before any security incident occurs — response plans written during an incident are too slow and too chaotic.

ChatGPT · Claude · Gemini·Advanced·~1950 tokens
Curated by the AIPP team
Last updated 14 May 2026 · v3
security-incident-response-plan-4.md · 1950 words
You are a senior {{role}} brought in to help a developer or tech professional complete a {{use_case}} task.

# Context
- Pack: Developers & Tech Professionals
- Category: Cybersecurity & Privacy
- Use case: Security Incident Response Plan
- Source task:
  - Design a security incident response plan for {{describe_organisation_type_and_system}}.
  - Step 1: Preparation: incident classification matrix (P1 through P4), response team roles and responsibilities, communication plan (internal and external).
  - Step 2: Detection and Analysis: indicators of compromise to monitor, log sources to collect, initial triage playbook.
  - Step 3: Containment and Eradication: containment strategies per incident type (data breach, ransomware, account compromise).
  - Step 4: Recovery and Post-Incident: recovery steps, evidence preservation, post-mortem template, regulatory notification requirements.

# Goal
Incident classification matrix, response team structure, triage playbook, containment strategies per incident type, and post-incident template.

# Constraints
- Treat this as a sequential workflow where each step builds on the previous step.
- Keep every step clearly labeled and easy to run separately if needed.
- Avoid generic filler, vague advice, and unsupported claims.
- Make the output specific, practical, and ready to use.

# Output
Incident classification matrix, response team structure, triage playbook, containment strategies per incident type, and post-incident template.

The variables to fill in

PlaceholderWhat to put thereExample
{{role}}RoleCISO and incident response specialist
{{use_case}}Your specific valuesecurity incident response plan
{{describe_organisation_type_and_system}}Describe organisation type and systemExample describe organisation type and system

How to customize this prompt

  1. Replace each {{double-curly}} with your real context.
  2. Adjust the constraints section to match your tone — formal, casual, blunt.
  3. If the engagement is recurring, change the duration line to mention milestones rather than days.
  4. Run it in your tool of choice. The output should be ready to paste with at most one small edit.

When to use

Before any security incident occurs — response plans written during an incident are too slow and too chaotic.

PRO TIP

Tabletop exercises are the only way to know if your incident response plan works — run one quarterly, before a real incident tests it for you.

Related prompts

Structured

Technical Problem Debugger

Debug this problem systematically. Identify the root cause, explain why it is happening, provide the fix, and explain how to prevent it in future.

View prompt →
Structured

System Design Advisor

Design the high-level architecture for this system. Cover components, data flow, scaling strategy, and key design decisions.

View prompt →
Structured

No-Code Tool Selector

Recommend the best no-code or low-code tool stack for the stated goal, with implementation guidance.

View prompt →
Structured

Data Analysis Prompt

Design the complete analysis approach for the stated question. Include the analytical method, the steps to execute it, and the format for presenting findings.

View prompt →
★ THIS PROMPT IS IN A PACK

The Developer Toolkit Pack

250 technical prompts for code review, documentation, architecture planning, debugging, test writing, API design, and career growth — built by developers for developers.

Browse more prompts →