Page 214 - CISSO_Prep_ Guide
long-term risk as the effect of the risk may ripple out to other
areas, downstream operations, or business partners. Incidents
can be classified according to their location (geography), impact
on business operations (departments, enterprise-wide), financial
cost, impact on health and safety (always the priority), and
reputation.
The classification of an incident is often based on whether the
incident is internal or external and whether it is accidental or
intentional. The classification of the incident will drive the
response strategy.
Notification
When an incident has been detected and classified, the next step
is to notify the appropriate stakeholders. The stakeholders
include senior management, affected departmental managers,
regulators, law enforcement, legal, human resources, security,
public affairs, and system owners. Depending on the type of
incident, stakeholders may be notified by email, phone calls,
in person, or websites.
Mobilization of Incident Response Teams
When an incident occurs, the appropriate team members need to
be notified and assembled as rapidly as possible. Depending on
the type of incident, not all team members may need to be
activated; unneeded team members should not be activated, to
avoid expending unnecessary resources.
The plan must contain current contact numbers and procedures
for each team member. A common method of mobilizing the
team is through a call tree where the leader will call the first tier