The part of the incident response process that focuses on reviewing data to determine if it is a genuine incident and assigning an appropriate priority level is typically referred to as the "Incident Triage" phase.
During incident triage, the response team assesses incoming reports or alerts, analyzes them for validity, categorizes the incidents, and determines their severity or priority level. This step is crucial as it helps the team prioritize resources effectively and ensure that the most critical incidents are addressed promptly while also filtering out false positives or non-issues. After triage, incidents can proceed to investigation and remediation based on their priority level.