Why is a policy definition required for a computer security incident response team?


A policy definition for a computer security incident response team will formally define and document the purpose of the team, the scope, procedures to be followed for reporting, rules for communication, the structure of the team, post-mortem procedures, and the roles and responsibilities of the members.

Drafting such a policy will lay down clearly the functions of the team as well as hold accountable all the members for the processes they follow. This helps the team to function is optimal manner with no room for ambiguity.