An incident response plan is a document that defines the roles and responsibilities, procedures, and processes for detecting, analyzing, containing, eradicating, recovering, and learning from security incidents. The purpose of an incident response plan is to minimize the impact of incidents on the organization’s assets, operations, and reputation, and to restore normal operations as quickly as possible. An incident response plan is not the same as a security management plan, a disaster recovery plan, or a backup and archiving plan, although they may be related or complementary. References := Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) - Cisco, page 92; NIST SP 800-61 Rev. 2, Computer Security Incident Handling Guide, page 2-3