Cloud Security Incident Response Report

1. Incident Identification

Incident Title Date & Time Detected Reported By

2. Incident Description

Description

3. Impact Assessment

Affected Systems/Services Data Exposure/Risk Users Impacted

4. Containment

Containment Steps Taken Time to Contain

5. Eradication & Recovery

Eradication Actions Recovery Steps

6. Root Cause Analysis

Root Cause

7. Lessons Learned

Lessons Learned

8. Recommendations

Recommendations & Follow-up Actions