The Incident Response Team is generally the first group to receive and review incident reports because they are responsible for managing and mitigating cybersecurity incidents. They need the information first to start the containment and eradication phases of an incident. The Legal team and Public relations are usually involved after the initial response has been activated, and they are supplied with curated information to comply with legal requirements and manage external communications. C-level executives may be informed concurrently or after the Incident Response Team depending on the organization's procedures, but they are typically not the primary recipients for technical details.