A documented strategy that defines how an organization prepares for, detects, responds to, and recovers from cybersecurity incidents. A strong IRP outlines roles and responsibilities, communication protocols, containment steps, evidence preservation, and post-incident reviews. It ensures organizations can act quickly and effectively to minimize damage, meet reporting requirements, and strengthen defenses after an incident.