CISA Publishes the Cybersecurity Incident & Vulnerability Response Playbooks

November 19, 2021 - The playbooks, released on November 17, 2021, is a standard set of operational procedures to be used in planning and conducting cybersecurity vulnerability and incident response activity respecting Federal Civilian Executive Branch (FCEB) Information Systems. Specifically, the procedures provide the instructions to identify, coordinate, remediate, recover, and track successful mitigations from incidents and vulnerabilities affecting FCEB systems, data, and networks.


The Incident Response Playbook provides a standardized response process for cybersecurity incidents and describes the process and completion through the incident response phases as defined in National Institute of Standards and Technology (NIST) Special Publication (SP) 800-61 Rev. 2,5 including preparation, detection and analysis, containment, eradication and recovery, and post-incident activities.

The Vulnerability Response Playbook provides a standardized, high-level process that agencies should follow when responding to these urgent and high-priority vulnerabilities.

The playbooks are the result of President Biden's Executive Order 14028, "Improving the Nation's Cybersecurity," both of which can be downloaded from CISA portal.