SIIM Roadmap

Step 4. Informed decision making and policy design


Share incident data externally


Inform operational decisions


Inform organisational policy


Inform staff of decisions made

Senior managers should communicate to staff members what the organisation has learned from incidents and inform them of the decisions that have been made based on the data that has been gathered. This can help to address the under-reporting of incidents. This will enable staff members to:

  • Improve their understanding of incident information management
  • Improve their trust in the incident-reporting process
  • Implement lessons learned from incidents.

Learn more

Consult SIIM Handbook, pages 41, 47 & 48:
Chapter 2, Objective two – Introduction to Lessons learned and applied, Objective three – Understanding the operational context & 3.1 The practicalities of sharing security information.