InfosecWriters has a short but sweet paper by Anton Chuvakin, entitled Five Mistakes of Incident Response. It's a quick, easy read that I wholeheartedly recommend. In fact, I would have added a mistake #0: Panicking. Keeping your cool is always the most important thing in Incident Response. Still, this paper is a great summary of the other top five mistakes to avoid.