Effective Date: September 1st, 2023
This document outlines the procedures Speakable will follow in response to the discovery of a data breach or security incident. The goal of this incident response plan is to minimize the impact of security incidents on our organization and ensure a swift and coordinated response.
2. Discovery and Response to Incident
2.1. Reporting an Incident
If someone discovers an incident, they should immediately contact the Incident Response Team Lead via email at email@example.com, with firstname.lastname@example.org cc’d with details of the incident such as:
2.2. Incident Response Team Lead Responsibilities
Upon receiving a report of a security incident, the Incident Response Team Lead will take the following steps:
2.3. Incident Response
3. Response Plan Implementation
Once the incident response team has determined the appropriate response strategy, they will proceed with the necessary actions, which may include containment, eradication, recovery, and communication.
The Incident Response Team Lead, as the person responsible for coordinating all external and internal communications related to the incident, will handle notifications to affected parties, customers, regulatory authorities, and legal counsel as necessary.
5. Documentation and Reporting
Throughout the incident response process, all actions taken, decisions made, and communication logs will be documented by the incident response team members.
6. Post-Incident Review
After the incident is resolved, Speakable will conduct a post-incident review to assess the effectiveness of the response and identify areas for improvement in our incident response plan.
This incident response plan is subject to periodic review and updates to ensure its effectiveness in addressing security incidents. Speakable is committed to safeguarding our organization and customer data and responding swiftly to any security threats.