Step 4: ACT: Operations and ongoing improvements

After the evaluation phase, it’s time to start thinking about next year, with a focus on the following:

• Managing specific local security incidents and taking the appropriate steps to react to them. 
• Evaluation of such incidents if necessary; take corrective action in regard to the consequence to avoid repetitions. 
• Local follow-up to ensure that the above procedure works in practice. 
• Ongoing improvement with focus on selected new activities that you will focus on in the coming year.

There are a few formal requirements that apply to documentation. For example, documents must be written and updated in accordance with a structured process.
This means that it is necessary to:

• have adopted a file naming convention
• decided on concrete document metadata
• decided on acceptable file formats.
• There must also be a process for reviewing and approving the documentation.
• There must be an audit trail for changes to the documentation.