responsing to the unplanned interruption which causes risk to the organization is called incident response.
PICERL is called incident management process.
preparation: preparing the team members to handle incident response.
identification: establishing process to identify the incidents and reporting them.
containment: categorizing types of incidents and prioritizing them.
eradication: based on the triage process, determine what level of eradication is needed to ensure security.
recovery: ensure backups are working.
lessons learned: documenting the entire incident and analyze it.