Revision refers to the final aspect of incident response, that of revising procedures and systems to ensure an incident doesn’t occur again. During this part of the process, organizations must look at why the incident occurred, what could have prevented the incident evaluate if the organizational security systems need to be updated.
Sometimes a Root Cause Analysis can be performed to help improve the outcome of the revision phase of any incident.
Related Terms: Containment, Eradication, Identification, Incident Response, Recovery, Root Cause Analysis