Planning overview

This section maps features to a step-by-step playbook design process.

Creating a playbook involves a set of incident types, phases, tasks, fields, workflows, scripts and rules to respond to an incident through intelligence, automation, and orchestration. Before creating a playbook, you need to understand your organization’s policies for responding to events.

Organizations typically follow pre-defined methods and standards when dealing with incidents, whether it be an emphasis on tools and automation, reporting and metrics, or information sharing. The following set of industry standards can help define your incident program:

Before starting, familiarize yourself with the various tools and capabilities of Orchestration & Automation as described in Playbook toolkit. After, use the configuration procedures in this guide to create your playbook.