Policies, frameworks, and guidelines are critical for the support of the incident management, incident handling, information handling, and exchange process and procedures of a CSIRT.
In developing these policies, frameworks and guidelines to provide services in the 5 areas of the FIRST CSIRT Services Framework, the GFCE guideline for the development of cyber incident management in low income countries recommends that a team make reference to the international standards such as the ISO/IEC 29147:2018, Recommendation ITU-T X.1500, and frameworks such as the MITRE ATT&CK framework, the SANS framework, the CMU SEI guidance documents.