Incident Response Planning & Tracking

Incident Management
Software

Create your incident response plan and track incidents

Put your organization ahead of the curve by creating a plan for handling incidents. When an incident occurs, track and document your detection, response, and recovery processes using features based on guidance from the National Institute of Standards and Technology (NIST SP 800-61).

Incident Response Plan

Easily create and manage your incident response plan with built-in guidance, suggested wording, and helpful features to support you. Customize the plan to fit your organization by defining communication guidelines, assigning roles and responsibilities, building action plans for different types of incidents, and more.

Tracking & Documenting

When an incident occurs, use the tracking component to document what happens at each stage. Built around the NIST process (Detect, Respond, and Recover), the tracking features make it easy to capture key details, learn from the incident, and improve your plan based on lessons learned.

Peer Analysis

Gain perspective into your incident response processes by anonymously comparing your results with more than 350 other organizations who are tracking incidents with Tandem.

Timeline

Refer to the automated timeline for an audit trail of certain date-and-time stamped actions. Add comments to explain your processes and communicate with members of your team. To ensure visibility, the timeline is accessible throughout the incident tracking process, from the dashboard through each stage-dedicated page.

Action Plans

Use template action plans or create your own to ensure your organization is prepared for responding to a future incident.

When tracking an incident, action steps can be dynamically added to the various stages, based on the type of incident. Associate incident categories and follow your plans to ensure accurate and efficient response.

Incident Response Teams

As part of your organization's incident response plan, you can set up teams.

Document contact information, associate team members, and provide a description to outline team charters, strategic goals, and responsibilities.

Roles & Responsibilities

Clear roles and responsibilities are essential for effective incident response. Use the Incident Handlers feature to identify technical leads, public relations coordinators, legal advisors, and others involved in the response to ensure coordination from detection through recovery.

Preview Action Plan

Once your action plans are created, test your plans prior to use in an actual incident.

Use the Preview option to ensure the correct action steps are included in a logical order.

Security Incident Management Training

Enroll employees in an online Security Incident Management Training course. This course is designed to educate your staff on their responsibilities as it relates to how they can prevent, detect, and respond to relevant security incidents. With the training, you can assess learning objectives through built-in quizzes and generate reports to show training completion and effectiveness.

Downloads

Effortlessly generate your incident response plan or details about incidents that have occurred to share with your executive team, board of directors, auditors, and examiners.

These customizable documents are available in Microsoft Word and Adobe PDF formats.

Additional Features

Use global reporting to generate standardized documents
Start with template incident response plan text and customize it to make it your own
Specify roles and responsibilities for incident response within your organization
Assign access roles like admin, edit, view only, or incident reporter
Configure important notifications for incident handlers
Store third-party contact information to improve incident communications
Create custom sections for your incident response plan document
Define terms used in your incident response plan with a built-in glossary
Track an unlimited number of incidents
Document the chain-of-custody for evidence related to incidents
Create incident handling tasks, assign them to users, and monitor their status
Run reports to identify gaps in your incident handling

Are you interested in

Incident Management Software?

Watch a Demo Request a Quote

"The Tandem Business Continuity Planning software has streamlined how we manage business continuity for our bank. Before Tandem, we lost files and had to update and make changes to a Word document. This software has helped us focus on the important aspects of business continuity and made it easier to update, train, and report to our Board of Directors."

Brandi Shiflett, EVP

Senior Operations Officer

North Dallas Bank & Trust Co in Dallas, TX

"Tandem’s Business Continuity Planning software is a strong program that integrates well with Tandem’s Vendor Management software. It provides good reports for our Board of Directors and Management. It is easy to update, and I am able to access it from anywhere… even on my phone."

James Tipton, EVP

Enterprise Risk Manager

North Dallas Bank & Trust Co. in Dallas, TX

"Tandem's Business Continuity Planning software has given us the direction we needed to establish good processes for our organization."

Ron Dittmann

VP of IT

Texas Trust Credit Union in Mansfield, TX

"Tandem is an excellent product that I highly recommend. It has helped us to fill the gaps regarding our BCP and Risk Assessments. It was a major help with our last NCUA exam with the addition of the ACET request list. I have nothing but great things to say about Tandem!"

Crystal Woodward-Smith

Compliance Officer

Hope Federal Credit Union in Jackson, MS

"First, I want to thank Tandem for being such a great partner of ours. We are extremely grateful for the tools you have provided. Particularly, your BCP program and the employee alert system. As of right now that is our main communication system for most of our employees."

"Tandem is extremely easy to use. I just started in the system (in earnest) and was able to quickly navigate through the steps. It’s very logical, comprehensive and I’m hopeful it will result in easier reports and exams. It’s a phenomenal option for a bank our size."

Robin Banell

VP of Compliance, Internal Control Officer

F & M Bank in Edmond, OK

"Thanks for all that you folks do to support and improve the software. We’ve been impressed with Tandem since day one; especially the responsiveness of the support and development teams with our needs and requests for new features. Thanks for all you do."

"We are so happy to have a partner like Tandem. Your products help our community bank compete with larger, regional and national banks without the expense of a huge staff."

Chris Manus

Information Technology Manager

Citizens Bank in Carthage, TN

"Tandem Vendor Management has made the process for collecting and tracking documents a breeze. The Vendor Management system is easy to use, yet quite powerful software. The software has saved us time from old spreadsheets and a manual vendor review process. I would highly recommend any organization to this system."

Kyle Moreland

Compliance Officer

Johnson City Bank in Johnson City, TX

"We started using Tandem for our vendor management program in late 2014. Right from the start we found the software easy to use and perfect for our needs. Their support team is responsive and friendly and continues to exceed our expectations. We find the free training sessions, videos, and knowledge base extremely helpful. Tandem has been a great business partner and it is a pleasure to work with them."

Frequently Asked Questions

Does Tandem provide an incident response plan template?

Yes. Tandem provides template language in the software that we call "suggested content." You can use our suggested content as a starting point, and quickly adapt the language to fit your company's unique requirements. Our suggested content is based on NIST Special Publication 800-61 and other industry guidance.

Tandem's suggested content is built and maintained by security and compliance experts who perform information security consulting services for financial institutions and other organizations with high security requirements.

Is there instructional documentation to help me build my IRP?

Yes. Tandem offers a Knowledge Base with articles written by Tandem experts. While you navigate the product you will also find help tips along the way.

How does the peer analysis feature work and do I have to include my data?

The peer analysis feature uses anonymous, aggregated data to show how your incident metrics compare to other members of the Tandem community. It includes insights like incidents by date, severity, and average response time. You can opt in or out of participating in the anonymous peer data set at any time.

Is there someone at Tandem who can help me build my IRP?

Yes. Tandem Support is available 8:00 AM – 5:00 PM (CT), Monday through Friday to answer your questions about Tandem application features.

For help with establishing or executing your incident management program, check out our partners who can provide incident management consulting.

You are also invited to attend our annual KEYS Conference to connect with other users and learn from Tandem experts.

What training options are available?

Tandem is pleased to offer complimentary training webinars each month for our customers. These webinars are recorded and available on-demand.

A Knowledge Base is available with articles to help you learn about Tandem. You can stay up to date on our latest features by subscribing to our Software Update emails.

Product training is also available by request for an additional fee.

Will my data be secure?

Yes. Tandem maintains high marks through the following testing: SSAE 18 SOC 1 Type 2, internal audits and assessments, quarterly penetration tests.

Security controls include:

Secure data transmission between your browser and your servers
Data encrypted at rest using AES-256
User passwords are hashed and salted
Datacenter protected by firewall and intrusion detection/prevention systems (IDS/IPS)
Redundant internet connections
Multifactor authentication options
Single Sign On (SSO) integration using SAML 2.0
IP address restrictions
User activity log
User access roles/restrictions

How is Tandem installed and updated?

Tandem products are delivered via the internet as Software-as-a-Service (SaaS) applications. Tandem can be accessed from any device with a modern web browser. No software installation or special equipment is required.

New features and updates are included with your annual subscription and are automatically available. Each new feature is documented in our Software Updates blog.

Does this product integrate with other Tandem products?

Yes. Tandem Incident Management features integrate with Business Continuity Planning, Vendor Management, Risk Assessment, and Policies, to provide seamless sharing of data and help avoid duplication of information.

All Tandem products are available under the same secure website.

Can I manage accounts for multiple companies?

Yes. With a single login you can manage several companies' Incident Response Plans (requires a subscription for each company).