Like a high-powered machine, an effective Security Incident Response Team (“SIRT”) is comprised of several distinct roles that work in harmony. Not to be confused with your grandmother’s first coffee-running, copy-making, big-shot-answering secretary job, the role of the scribe is fast-paced, engaging, and crucial to minimizing destruction in the midst of disaster.
In the middle of the chaos, maintaining a consistent and accurate story of key details and decisions can prove itself to be very difficult. Countless studies by psychologists and doctors have shown that our memory and ability to recall a completely accurate and detailed timeline is pretty poor at best. It gets increasingly difficult when rapid-fire decisions are being made and the course of action is constantly shifting. When the dust settles, your stakeholders, clients, and the public will be nipping at your heels asking for answers. Will your organization be prepared to present a clear, unified, and accurate description of the disaster and your response in a timely manner? With a well-equipped scribe on your team, you can be! We’ve compiled a list of the scribe’s key responsibilities so your team can be fully prepared to run like a well-oiled machine when a disaster strikes.
The Scribe’s Tips for Success:
Maintain complete and accurate record of the actions, key decisions, activities, and status of members of the SIRT
Be physically located at the Incident Command Post
Be an active member of all status updates (in person or via conference call)
Coordinate details to ensure the appropriate tools are in the Incident Command Post that are required for the role (ex. Clean whiteboard, flipcharts, notepads, markers, audio-visual equipment, laptop, etc)
Understand and have a copy of the Security Incident Response Plan (“SIRP”) to follow the expected process
Keep a timeline of all events during the incident, including date and time
Keep a record of all relevant facts of the incident
Monitor the situation status at all times
Identify which team members will be assigned to which SIRT roles
Describe all key decisions made by leaders, especially the Incident Commander
Provide external communications to consultants and contractors involved in the incident
Provide internal communications to management, employees, or other stakeholders
List areas of improvement for future uses of the plan