Defining Roles and Responsibilities for an Incident Response Plan

Defining Roles and Responsibilities for an Incident Response Plan
In 2012, FBI Director Robert Mueller stated that “…in the not too-distant-future we anticipate that the cyberthreat will pose the greatest threat to our country” (Cowley, 2012). He went on to warn that “There are only two types of companies: those that have been hacked, and those that will be.” Given such a dire assessment, organizations that have not planned for a security incident should begin developing an incident response plan (IRP) immediately.
An IRP is a detailed document that outlines the process a company will use to respond to a security incident. A solid IRP contains many possible scenarios. However, one of the most crucial parts of an IRP is the roles and responsibilities assigned to the response team (first responders). 
To prepare for this Discussion, choose an organization, such as a school district, state/federal agency, or hospital.
Propose a set of roles and responsibilities to be defined and included in the organization’s IRP. For each role, characterize the nature and severity of an incident for which that person must become involved. Explain your reasoning.
Reference:
Cowley, S. (2012). FBI director: Cybercrime will eclipse terrorism. CNN Money. Retrieved fromhttp://money.cnn.com/2012/03/02/technology/fbi_cybersecurity/index.htm