Step 4. Informed decision making and policy design
Senior managers should communicate to staff members what the organisation has learned from incidents and inform them of the decisions that have been made based on the data that has been gathered. This can help to address the under-reporting of incidents. This will enable staff members to:
- Improve their understanding of incident information management
- Improve their trust in the incident-reporting process
- Implement lessons learned from incidents.
Consult SIIM Handbook, pages 41, 47 & 48:
Chapter 2, Objective two – Introduction to Lessons learned and applied, Objective three – Understanding the operational context & 3.1 The practicalities of sharing security information.