Remediation Plan (RP)

No: 562240000067

Date(g): 13/5/2019 | Date(h): 9/9/1440

Status: In-Force

The White Team should draft a Remediation Plan, which should be based on the Red Teaming Evaluation Report and the Blue Team Report. The remediation plan should provide clear areas of improvements, priorities and a roadmap how and when to improve the prevention (e.g. hardening), detection, response and recover capabilities within the Member Organization. Important is that the status and progress of the remediation plan is monitored and periodically reported to the Cyber Security Committee of the Member Organization as well as the Green Team.

Below the outline of the report and the required elements (not limitative):

Remediation Plan (RP)
1.	Introduction
2.	Executive summary
3.	Background of the remediation plan
		Goal and objectives of the remediation plan
4.	Target audience and stakeholders
5.	Agreed recommendations and areas of improvement provided by the Red and Blue Team
		Agreed recommendations focused on people, process and technology,
		Agreed recommendations focused on (prevention) detection, response and recover
		Agreed priority rating for each recommendation
6.	Prioritized list of the agreed areas of improvement
7.	Agreed Remediation Plan
		What, when, where, and how
		Overview of the persons-to-act (e.g. where possible involvement business management)
		Agreed due dates
8.	Roadmap for the agreed and prioritized improvements
9.	Frequency of updating the Cyber Security Committee of the Member Organization and the Green Team
10.	Project Management Organization
		People/teams involved
		Overview of the relevant tasks and responsibilities
Appendices
		The list of involved departments, teams and team members
		Screenshots with supporting evidence
		Any other supportive materials
The remediation plan should be classified as: Confidential / Internal Use Only

Soft Launch