The main purpose of the security service is to provide security for its users. One through the intrusion detection system alerts the user when there is an attack on the computer. Then, the intrusion alert not only for our information if there is suspicious activity, but also a log for analysis and take action to protect the network and information system from a threat before caused more impact. Most detection system tools provide information about intrusions that occur as high or low-priority intrusions based on what generated. This priority information would be necessary while the amount of intrusion happened very much for select options response to handle it first. The standard prioritization method in the intrusion detection system is based on the severity level defined. The other standard used is the score of common vulnerability enumeration. In this paper, we would be modeling the study some method commonly used for prioritizing the alert of the intrusion detection system. We would be using the response time management concept to experiment model.