pmstudio-irplisted

# IRP — Incident Response Plan ## Purpose Generates an Incident Response Plan specific to the product/platform. Not a generic IT incident template — this plan is scoped to the product, uses its real stakeholders as escalation contacts, and ties severity to its data classification. ## Process ### Step 1: Read Context **Read all that exist:** - `CLAUDE.local.md` — architecture, stakeholders, vendor contacts, data classification - `PRD/*.html` or `PRD/*.md` — security section, RBAC, NFRs, integrations - `Data/Stakeholder-Directory.*` — escalation contacts with roles and emails - `Operational/DR-Plan*.html` — recovery procedures to reference (if exists) ### Step 2: Ask Discovery Questions Only ask what can't be inferred: 1. **What constitutes an "incident" for this product?** (data breach, service outage, unauthorized access, integration failure, data corruption) 2. **Who is the Incident Commander?** (default: PM, but confirm) 3. **Vendor support model?** (SLA response times, escalation contacts, ticket system) 4. **Legal/privilege considerations?** (e.g., ProductB has legal privilege — incidents may require legal counsel) 5. **Existing Coco Inc incident process?** (does the team already report through ServiceNow, Slack, etc.) ### Step 3: Generate IRP Document **Output:** `Operational/IRP-{ProductName}-{Date}.html` Self-contained HTML with print-optimized CSS. No CDN dependencies — this document must work offline during an actual incident. **12 sections:** **1. Purpo