Computer systems will always be subject to attacks, but being prepared can mean the difference between staying in business or going out of business. Gem Infosys was recently the target of a malware attack that disrupted network operations for two full days. While we may not have the largest networking and computing infrastructure, it is important to protect our systems from further attacks. I would like to implement an incident response policy to reduce network downtime should future incidents occur, and also provide guidance for developing an incident response team, disaster recovery process, and business continuity planning. An incident response policy serves as an informed guide to our organization's information efforts. Contains background, definitions, incident classification, reporting, business continuity, process flow, and incident examples. The incident response policy offers a structure with rules and recommendations, which have been adapted to our organization, can resolve confusion about information management in different circumstances and will help simplify...