Does your organisation have a documented Incident Response Plan?
We adopt a 5-stage approach to handling any incidents:
Preparation
Detection
Triage and analysis
Containment and neutralisation
Post-incident learning
This includes recording of incidents in our Events, Incidents and Weaknesses Register.
We have documented Application Incident Response Procedures and a Business Continuity Plan.
Where an incident impacts on personal data, we also utilise a documented Data Breach Reporting Procedure.
We aim to fix any production issues within the following time span:
P1 - 4 hours
P2 - 24 hours
P3 - 48 hours
P4 - prioritised accordingly on backlog