Social Engineering Attack Documentation

1. Incident Overview

Date of Incident Reported By Location / Department

2. Attack Description

Summary of the Attack Type of Social Engineering Used Initial Point of Contact

3. Attack Timeline

Timeline of Events

4. Impact Assessment

People Involved/Affected Data/Assets Compromised Business Impact

5. Detection and Response

How Was the Attack Detected? Actions Taken

6. Root Cause Analysis

Root Cause(s) Vulnerabilities Exploited

7. Lessons Learned & Recommendations

Lessons Learned Recommendations

8. Attachments / Evidence

Links to Files or Additional Evidence