SGC Job Analysis Questionnaire - R2G02 - Incident Response
You have completed 0% of this survey
0%
100%
For the role of Incident Response in the Smartgrid Cybersecurity environment, please indicate how frequently each task below would be performed by a person at the listed level of expertise, and how important is it that this task be completed by a person with the listed level of expertise.
*
Protect classified or proprietary information related to the event, but release general incident information to stakeholders (Task ID: R2-9709)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Report security incident classification (category selected) to management and record in incident management system (Task ID: R2-9825)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Communicate incident response plan and team members among stakeholders to ensure they understand commitment and responsibilities when team is stood up (Task ID: R2-9770)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Communicate with other analysts to team work larger incidents (Task ID: R2-9364)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Coordinate notification strategies with other units, such as Compliance (Task ID: R2-9579)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Coordinate reactive and proactive repsonses (Task ID: R2-9180)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Coordinate with compliance to make all regulator required security incident reports in compliance with the standard (Task ID: R2-9613)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Develop an incident response program / plan. (Task ID: R2-9772)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Develop incident response plan and team (Task ID: R2-9768)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Document call trees and reporting and coordinating procedures to all parties (Task ID: R2-9697)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Document stakeholders that must be contacted for each affected system in an incident (Task ID: R2-9779)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Identify known information and event details prior to the analytical effort. Make sure all analyst have the information and that a sequence of events has been created and will be added to during the analytical process. (Task ID: R2-9109)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Identify people resources by skills, expertise, and authorized roles to support future analytical efforts (Task ID: R2-9771)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)
*
Maintain a knowledge of professional resoures within the organization (Task ID: R2-9780)
Frequency
Importance
Never
Rarely
Sometimes
Often
Always
Unimportant
Low
Moderately
Very
Extremely
Novice (Apprentice)
Intermediate (Journeyman)
Expert
(Master)