IT & Security Prompts to Communicate More Effectively

Create standard handoff template for handing incidents to IR: summary, timeline, evidence, IOCs, open questions.

Design standardized shift handoff reports: closed incidents, ongoing investigations, escalations, tool issues, alert changes.

Create standardized executive dashboard for Board: posture status, incidents, controls, compliance, roadmap, risks, resources.

Create troubleshooting guide for VPN and remote access issues with step-by-step user instructions.

Create talking script for educating users about social engineering attacks and red flags.

Create guidance on secure credential and secret management: password managers, secret sharing, database credentials.

Create user guidance on data classification, handling by level, common mistakes, reporting procedures.

Create guidance on recognizing and reporting suspicious user behavior confidentially and appropriately.

Create training on acceptable use of IT systems and consequences of policy violations.

Handle vulnerability disclosure from researchers with embargo agreements, patch sourcing, coordinated timing.

Create communication templates for vulnerability findings to different audiences (developers, management, customers).

Activate IR plan and mobilize team: assign incident commander, assemble team, brief on situation, assign roles.

Manage communications about incident to stakeholders: internal, leadership, customers, regulators, law enforcement.

Create communication plan with templates for different audiences: employees, customers, regulators, media.

You are a CISO preparing the quarterly security posture report for the board. Security data: [PASTE: Security incidents this quarter (count/severity) | Vulnerabilities open by severity | Phishing test click rate | Security training completion % | SOC 2 or certification status | Any regulatory or customer security inquiries | Key security investments made] Report on: 1) Threat landscape — any notable external threats or industry incidents relevant to the company 2) Incident summary — incidents this quarter; severity, impact, and resolution 3) Vulnerability posture — open vulnerabilities by severity; trend vs. last quarter 4) Human risk — phishing click rate; training completion 5) Compliance and certification status — SOC 2 / ISO 27001 / GDPR / HIPAA as applicable Output: Board security report. One page. Traffic light for each area. Non-technical language. Decision items for board attention.

Design a security metrics dashboard. Audience: [CISO / exec team / IT / board] Security tools: [SIEM, endpoint, identity, monitoring] Key concerns: [phishing rates / patch compliance / access anomalies / incident response times] Reporting cadence: [weekly / monthly / quarterly] Please design: 1. 8-10 most important metrics 2. For each: definition, measurement, what 'good' looks like, alert threshold 3. Leading vs lagging indicators 4. Suggested layout (exec summary vs detail) 5. Red/amber/green thresholds for each metric