diff --git a/source/standards/incident-management.html.md.erb b/source/standards/incident-management.html.md.erb
index 1ba48206..2a578e1b 100644
--- a/source/standards/incident-management.html.md.erb
+++ b/source/standards/incident-management.html.md.erb
@@ -8,7 +8,7 @@ review_in: 6 months
 
 GDS incident management focuses on restoring normal operations quickly with minimal impact on users.
 
-Technical incidents may also be cyber security or data loss incidents. You must report all suspected or actual cyber security incidents to the [CO:D Cyber Security team] and to the [GDS Information Security team]. You must report all actual or suspected data breach incidents to the [GDS Information Management team]. These requirements should be included in your service manual/guides/processes.
+Technical incidents might also be cyber security or data loss incidents. You must report all suspected or actual cyber security incidents to the [CO:D Cyber Security team] and to the [GDS Information Security team] using the [Incident response process](https://sites.google.com/a/digital.cabinet-office.gov.uk/gds/directorates-and-groups/cto-and-ciso-office/information-security/incident-response-process). You must report all actual or suspected data breach incidents to the [GDS Information Management team]. These requirements should be included in your service manual/guides/processes.
 
 ## Define incident priority