incident response - management approach

[TeamSecure <teamsecure () bigfoot com>]

Dear All,

We would like to set up a list of rules for incident response.
Therefore I would to welcome any suggestions, links or articles
what an organisation should do after a minor, medium or major
incident has happened in a company (not only cyber-crime)?
When to contact the law enforcement agencies and also what
consequences should they bare in mind when doing that.
Above all, we need to convince top management to be proactive
in this game. Even incident response perhaps is partially a
top management activity?


Thanks,


TS.