This Recommendation provides an overview of security incident management processes and services for telecommunication organizations. It provides concepts and key issues associated with security incident management. Since the telecommunication organizations need to have processes in place to not only handle incidents that do occur but to prevent incidents from re-occurring, the five high-level processes are described along with the relationship to the security management. In addition, a list of services that a security incident management team can provide is suggested in terms of reactive, proactive, and security quality management services.