208 ITU‐T's Technical Reports And Specifications Determining the appropriate actions to detect and remove artifacts from a system, as well as actions to prevent future similar issues (this may involve creating signatures that can be added to antivirus software or IDS). Coordination and sharing the information collected with other CERT/CSIRT, similar security organization as well as vendors. Incident Handing CERT/CSIRT responsibilities includes: Management of emergencies at City ICT. Coordination between all the team involved. The coordination work may involve collecting contact information, notifying subjects of their potential involvement (as victim or source of an attack), collecting statistics about the number of subjects involved, and facilitating information exchange and analysis. Part of the coordination work may involve notification and collaboration with legal department, human resources and/or public relations departments. It would also include coordination with law enforcement. Announcements and Technology watch CERT/CSIRT responsibilities includes monitor of: New technical developments, intruder activities, and related trends to help identify future threats. Announcements and Technology watch inform constituents about new developments with medium to long‐term impact, in order to allow proactive protection to be enable. The outcome of this service might be some type of announcement, guidelines, or recommendations focused at more medium to long‐term security issues.