Discuss how you would implement an incident response plan that includes the use of AWS IAM roles and policies to control access during an incident. What specific IAM policies would be critical in restricting access and what roles would be responsible for managing these policies?