Site Security Planning
When a security incident occurs that requires a coordinated response from outside your site team, you should be ready to follow up with a plan and a policy. Be prepared to:
Report incidents to your central authority. If your organization is large, it might have standard incident reporting procedures, and incident response teams to handle them. If that is the case, incorporate these procedures into your security incident reporting policy.
Report incidents to the appropriate governmental authorities. Incidents involving attacks from outside your state or outside the U.S. should be reported to the FBI.
Report problems to appropriate vendors and Internet security monitoring and coordination organizations, such as the CERT Coordination Center ( http://www.cert.org ), bugtraq, or ntbugtraq.
In addition to a policy, you should have contact information for reporting incidents to all pertinent authorities.