Which item is not typically listed as a core incident response plan component?

In incident response planning, the document focuses on governance, the actions to take, and the resources needed to execute those actions. Policies establish who has authority and what must be done; Procedures lay out the exact steps for handling an incident from detection through recovery; Tools/Resources refer to the assets and tech required to carry out the response. Training is essential to ensure people can perform their roles, but it’s typically treated as a separate program that supports the plan—through drills, exercises, and ongoing education—rather than a core component the plan itself enumerates. So, while training strengthens readiness, the plan’s core components are the governance framework, the procedural steps, and the tools/resources that make those steps possible.