How Would You Handle Computer Incident Reporting?

How would you handle computer incident reporting? Well, don’t say no one ever asked your opinion. The United States National Institute of Standards and Technology (NIST) is seeking feedback on that very topic. The NIST Computer Security Incident Handling Guide, Draft SP 800-61 Revision 1, is available for public comment. The goal of the guide is to assist organizations in mitigating the risks from computer security incidents by providing practical guidelines on responding to them effectively and efficiently. The publication includes guidelines on establishing an effective incident response program, but the primary focus of the document is detecting, analyzing, prioritizing, and handling incidents. It updates the original publication, which was released in 2004. NIST requests comments be emailed by Nov. 9, 2007. Please submit comments to 800-61comments@nist.gov with "Comments SP 800-61" in the Subject Line.