Introduction and Evaluation of Computer Security Incident Response Team (CSIRT) in Organizations

Mohammad Mahdi ESTEDLAL
1.919 923



With the rapid development of information technology and the continuous changes in the services, information technology has played a key role in organizations. During the past years, a great number of IT infrastructure and particular applications have been employed by the organization. Many organizations have purchased a large number of high-end enterprise applications such as ERP, CRM, etc. to improve their business capacity. At the same time, these organizations a huge amount of time and resources are spent for maintenance applications. At the same time, these organizations are spent a huge amount of time and resources for application’s maintenance. since any incident that may result in service interruptions, causes very high costs for organizations,  The issue of how organizations can deploy an effective way to manage events, So that costs can be reduced, the occurrence of events can be avoided and the continuity of their business can be guaranteed, is considered. For this purpose, approaches and events management models offered by some mature frameworks such as ITIL, COBIT and standards like ISO / IEC 20000, are accepted widely in many organizations. These frameworks combine extensive management practices in order to support organizations for achieving the desired quality and creating value from IT operations.

For example ITIL provides A set of best process-oriented practices for IT service management.
IT service management practices, directly or indirectly causes establishing communication between employees, innovation, finances and domestic business interests.


Incident Management, Incident life Cycle, Information Technology Infrastructure Library (ITIL), Computer

Full Text:



European Network and Information Security Agency, “Good Practice Guide for Incident Management,” 2010.

Moura, J.Sauve, C.Bartolini, “Business-Driven IT Management-Upping the Ante of IT: Exploring the Linkage between IT and Businessto Improve Both IT and Business Results,”IEEE Communications Magazine, Vol. 46 (10), 2008.

Office of Government Commerce, ITIL Core Books, UK, 2007.

IT Governance Institute, Control Objectives for Information andrelated Technology (CobiT), 4.1th Edition, USA, 2007.

International Organization for Standardization, “ISO/IEC 20000-1”&“ISO/IEC 20000-2”, 2005.

W. Gue, Y. Wang, “An Incident Management Model for SaaS Application in the IT Organization,” IEEE Computer Society, 2009.

Cater-Steel, "Information Technology Governance and Service Mangement: frameworks and adaptions," IGI Global, 2009.

V. Lloyd, C. Rudd, and C. Littlewood, "Planning to Implement Service Management," Earley: itSMF Ltd, 2003.

Nabiollahi, B. Sahibuddin,, "Considering Service Strategy inITILV3 as a Framework for IT Governance, 2008.

Hochstein, R. Zarnekow, W. Brenner, "ITIL as Common Practice Reference Model for IT Service Management: Formal Assessment andImplications for Practice", IEEEXplore, 2005.

M. Brenner, M. Garschhammer, and H. Hegering,"Managing Development and Application of Digital Technologies", Berlin: Springer, 2006.

Cartlidge , A. Hanna, C. Rudd, I. Macfarlane, J. Windebank, and S. Rance,,"An Introductory Overview of ITIL V3”,The UK chapter of the itSMF, 2007. [22]

Carnegie Mellon, Software Engineering Institute, “Handbook for Computer Security Incident Response Teams (CSIRTs)”, 2ndEdition, 2003.

European Network and Information Security Agency, “a step-by-step Approach on How to Setup a CSIRT,” 2006.

Carnegie Mellon, Software Engineering Institute, “Defining Incident Management Processes for CSIRTs: A Work in Progress”, 2004.

National Institute of Standards and Technology, "Computer Security Incident Handling Guide," 2nd Edition, 2012.