From Zero to a Complete Incident Response Plan in Under 20 Minutes

The intake form uses plain language throughout. No security jargon. No framework knowledge required. If you can answer questions about your organization's size, staff, and basic IT setup, you can complete the form.

The form covers six areas:

• Your organization: type, size, state, operating name, and brand colors for the output.
• Your data: what types of data you hold — donor records, client files, payment info, health information.
• Your team: key contacts and roles — Incident Response Lead, IT support, executive leadership, legal counsel.
• Your tools and infrastructure: email platform, file storage, security tools currently in place.
• Your risk profile: your top concerns and any past incidents that inform your plan's focus.
• Your output preferences: plan format and what to include in the emergency contact one-pager.

Once you complete the intake form, the system applies the NIST Cybersecurity Framework and CIS Controls v8 to your inputs. It selects the appropriate content for your organization's size, data types, state jurisdiction, and IT structure.

State-specific content: IRPForge includes breach notification language calibrated to your state's requirements. All 50 states and the District of Columbia are covered.

Conditional content: If you have a cyber insurance policy, your plan includes insurer notification procedures. If you handle health information, your plan includes PHI-specific response procedures. The output reflects your actual situation — not a generic template.

Built on CIS Controls v8 and the NIST Cybersecurity Framework — publicly available standards, not certified or endorsed by NIST or CIS. IRPForge generates a planning document. Consult qualified legal counsel for compliance determinations.

All three documents are included with every Starter purchase ($199 one-time). Professional and Organization tiers, coming soon, add editable Word document output and additional tools. See full pricing →

IRPForge is a document generation tool. It produces a written incident response plan. It does not monitor your systems, provide active incident response services, or guarantee protection against any security threat.