The number of IT security incidents in companies is still increasing every year. The impact of the incidents ranges from easy-to-fix infections of outdated clients over compromises of large portions of employees work stations and laptops with Trojans or, as a specialty of the recent years, Ransomware which did compromise the entiry IT environment. In the first place, the severity of an occurring incident is unclear, resulting in stress for all involved persons and thus raising the risk for mistakes to happen. The better a company is prepared for incidents, the better is the chance to resolve an incident as good and fast as possible. To this end, we provide a comprehensible first steps guideline, checklist, seizing and analysis strategies and explain the role and content of preparation plans as well as common incident handling process models.