Problem
Consider the development of an incident response policy for the small legal firm mentioned in Problem Specifically consider the response to the detection of financial fraud by an employee. What initial actions should the incident response policy specify? What default decision do you recommend regarding reporting this incident to the appropriate CERT? Or to the relevant law enforcement authorities?