ITU‐T's Technical Reports And Specifications 207 CERT/CSIRT Stakeholders Incident Handling and response is not a self contained process. Relationship, communication channels, data sharing agreements , policies and procedures must be established across the organization. Strong commitment is needed from High Management . CERT/CSIRT Manager is the prime actor to work on this specific task. Suggested Services Alert and Warning CERT/CSIRT responsibilities includes: In collaboration with SOC and Risk Team CSERT/CSIRT will collect share all the latest security alerts/information from internet sites with the main goal of: Coordinating with different teams to maintain highest security level at ISMD. Patch Management, Anti Virus Management etc. Trend Analysis for possible emergency scenarios . Problem Management Security Update report. Security Assurance audit reports. Vulnerability Handling and Artifact Handling CERT/CSIRT responsibilities includes: In collaboration with Risk Team CSERT/CSIRT will: Identify the relevance of the information to the City ICT. Conduct impact analysis of the identified/reported vulnerability. Gather information about systems vulnerable to identified/reported vulnerability. Support the involved team in implementing controls based on priority. Artifact Handling CERT/CSIRT responsibilities includes: Technical examination and analysis of any artifact found on a system. CSIRT Risk Management Human Resources Legal Department IT and Network Team Business Management Physical Security Security Operation Center