To implement this control you will need to design and document an incident response plan. The plan will need to be tailored to your particular organisations process for identifying, responding to, and resolving incidents. It can be helpful to have a security consultancy support you in designing, implementing, and testing your incident response plan.
Various IRP templates can be found online. It is important that whichever template you choose that you tailor it to your specific requirements and process. This will require input from your technical resources and the plan should be thoroughly tested to ensure it’s effectiveness.