Create a role-based incident response playbook for visitor-related security events with severity tiers [SeverityLevels]. Define triggers (e.g., missing escort, badge non-return, restricted area breach), immediate actions, containment target of [MaxContainmentTime], evidence handling, and communication protocols. Include legal review contact [LegalContact], media/PR contact [PRContact], and ownership of the escalation matrix by [EscalationMatrixOwner] under [Regulation]. Output format: (1) Incident taxonomy and definitions. (2) Timeline checklist by role (Reception, Security, Escort, Facilities, IT, Legal). (3) Decision tree (Mermaid) for escalate/contain/evacuate paths. (4) Notification templates (internal alert, partner notification, regulator notice as applicable). (5) Post-incident actions: RCA template (5-Whys/Fishbone), corrective/preventive actions with owners/dates, evidence retention rules. (6) Metrics: MTTA, MTTC, policy breach recurrence rate.