This NIST Special Publication helps organizations in designing, developing, conducting, and evaluating test, training, and exercise events.
This guide from NIST discusses how important forensics can be for an organization during a cyber incident.
This is a policy template from SANS for incident response management.
This SANS whitepaper details procedural incident response steps, supplemented by tips and tricks for use on Windows and UNIX platforms.
This SANS whitepaper discusses the need for annual incident handling testing and training.
This link from the State of Washington discusses examples of tabletop exercises that can be used during monthly meetings to help organizations prepare for cybersecurity events.
This document provides an overview of items that election officials should take into consideration when developing these policies and plans. Additionally, it provides usable checklists and other resources designed to help develop more in-depth procedures for implementing cyber incident response policies and procedures.
This YouTube video covers key components of an effective incident response plan.