Put your organization ahead of the curve by creating a plan for handling incidents. When an incident occurs, track and document the response process through the six stages outlined by the National Institute of Standards and Technology (NIST SP 800-61 rev. 2).
Create and manage your plan for responding to incidents. Get a jump start with helpful features and suggested wording based on NIST's Computer Security Incident Handling Guide.
Customize the plan to fit your organization by modifying the incident handling process, documenting roles and responsibilities, developing action plans for incident types, and much more.
When an incident occurs, track and document what takes place during each stage.
The incident tracking component was designed to reflect the stages of an incident, as outlined by NIST. During each stage, you will be able to document exactly what happens, so you can learn from it and update your plan accordingly.
Refer to the automated timeline for an audit trail of certain date-and-time stamped actions. Add comments to explain your processes and communicate with members of your team.
To ensure visibility, the timeline is accessible throughout the incident tracking process, from the dashboard through each stage-dedicated page.
Use Tandem default action plans or create your own to ensure your organization is prepared for responding to a future incident.
When tracking an incident, action steps can be dynamically added to the various stage pages, based on incident type. Associate categories with the incident and follow your plans to ensure accurate and efficient response.
As part of your organization's incident response plan, you can set up teams.
Document contact information, associate team members, and provide a description to outline team charters, strategic goals, and responsibilities.
Incident handlers are vital to seeing an incident through from beginning to end.
In your organization's incident response plan, you will be able to establish these handler roles and define their responsibilities.
Incidents can fall into a variety of categories and subcategories. Defining the categories in your incident response plan will keep your organization prepared for any type of incident.
Categories are used to connect your action plans to an incident, as well as assist with classification for reporting purposes.
Once your action plans are created, test your plans prior to use in an actual incident.
Use the Preview option to ensure the correct action steps are included in a logical order.
Enroll employees in an online Security Incident Management Training course. This course is designed to educate your staff on their responsibilities as it relates to how they can prevent, detect, and respond to relevant security incidents. With the training, you can assess learning objectives through built-in quizzes and generate reports to show training completion and effectiveness.
Effortlessly generate your incident response plan or details about incidents that have occurred to share with your executive team, board of directors, auditors, and examiners.
These customizable documents are available in Microsoft Word and Adobe PDF formats.
"The Tandem Business Continuity Planning software has streamlined how we manage business continuity for our bank. Before Tandem, we lost files and had to update and make changes to a Word document. This software has helped us focus on the important aspects of business continuity and made it easier to update, train, and report to our Board of Directors."
Brandi Shiflett, EVP Senior Operations Officer North Dallas Bank & Trust Co in Dallas, TX"Tandem’s Business Continuity Planning software is a strong program that integrates well with Tandem’s Vendor Management software. It provides good reports for our Board of Directors and Management. It is easy to update, and I am able to access it from anywhere… even on my phone."
James Tipton, EVP Enterprise Risk Manager North Dallas Bank & Trust Co. in Dallas, TX"Tandem's Business Continuity Planning software has given us the direction we needed to establish good processes for our organization."
Ron Dittmann Texas Trust Credit Union in Mansfield, TX"Tandem is an excellent product that I highly recommend. It has helped us to fill the gaps regarding our BCP and Risk Assessments. It was a major help with our last NCUA exam with the addition of the ACET request list. I have nothing but great things to say about Tandem!"
Crystal Woodward-Smith Compliance Officer Hope Federal Credit Union in Jackson, MS"First, I want to thank Tandem for being such a great partner of ours. We are extremely grateful for the tools you have provided. Particularly, your BCP program and the employee alert system. As of right now that is our main communication system for most of our employees."
"Tandem is extremely easy to use. I just started in the system (in earnest) and was able to quickly navigate through the steps. It’s very logical, comprehensive and I’m hopeful it will result in easier reports and exams. It’s a phenomenal option for a bank our size."
Robin Banell VP of Compliance, Internal Control Officer F & M Bank in Edmond, OK"Thanks for all that you folks do to support and improve the software. We’ve been impressed with Tandem since day one; especially the responsiveness of the support and development teams with our needs and requests for new features. Thanks for all you do."
"We are so happy to have a partner like Tandem. Your products help our community bank compete with larger, regional and national banks without the expense of a huge staff."
Chris Manus Information Technology Manager Citizens Bank in Carthage, TN"Tandem Vendor Management has made the process for collecting and tracking documents a breeze. The Vendor Management system is easy to use, yet quite powerful software. The software has saved us time from old spreadsheets and a manual vendor review process. I would highly recommend any organization to this system."
Kyle Moreland Compliance Officer Johnson City Bank in Johnson City, TX"We started using Tandem for our vendor management program in late 2014. Right from the start we found the software easy to use and perfect for our needs. Their support team is responsive and friendly and continues to exceed our expectations. We find the free training sessions, videos, and knowledge base extremely helpful. Tandem has been a great business partner and it is a pleasure to work with them."
Yes. Tandem provides template language in the software that we call "suggested content." You can use our suggested content as a starting point, and quickly adapt the language to fit your company's unique requirements. Our suggested content is based on NIST Special Publication 800-61 revision 2 ("Computer Security Incident Handling Guide") and other industry guidance.
The suggested content in Tandem is built and maintained by security and compliance experts who perform information security consulting daily.
Is there instructional documentation to help me build my IRP?Yes. Tandem offers a Knowledge Base with articles written by Tandem experts. While you navigate the product you will also find help tips along the way.
Is there someone at Tandem who can help me build my IRP?Yes. Tandem Support is available 8:00 AM – 5:00 PM (CT), Monday through Friday to answer your questions about Tandem application features.
For help with establishing or executing your incident management program, check out our partners who can provide incident management consulting.
You are also invited to attend our annual KEYS conference to connect with other users and learn from Tandem experts.
What training options are available?Tandem Support is pleased to offer complimentary training webinars twice a month for our customers, and recordings of those training sessions are available on-demand.
A Knowledge Base is available with articles to help you learn about Tandem.
You can stay up-to-date on our latest features by subscribing to our Software Update emails.
Personal training is also available by request for an additional fee.
Will my data be secure?Yes. Tandem maintains high marks through the following testing: SSAE 18 SOC 1 Type 2, CompTIA Security Trustmark+, internal audits and assessments, quarterly penetration tests.
Security controls include:
Tandem products are delivered via the Internet as Software as a Service (SaaS) applications. Tandem can be accessed from any device with a modern browser. No software installation or special equipment is required.
New features and updates are included with your annual subscription and automatically available. Each new feature is documented in our Software Updates blog.
Does this product integrate with other Tandem products?Yes. Tandem Incident Management features integrate with Business Continuity Planning, Vendor Management, and Policies, to provide seamless sharing of data and help avoid duplication of information.
All Tandem products are available under the same secure website.
Can I manage accounts for multiple companies?Yes. With a single login you can manage several companies' Incident Response Plans (requires a subscription for each company).
