One of several important tasks following detection of a serious information-related incident is to notify relevant parties, such as those impacted directly or indirectly, plus the authorities and other stakeholders ... and already we see the scope starting to mushroom. On top of that, the technical and commercial complexities involved in various kinds of incident plus uncertainties around the perpetrators, coupled with tight timescales, implies a high stakes, high stress situation. Exactly how much can/should be revealed, in what form, to whom, and when? Simply communicating at all may well be tricky if the incident affects IT systems, networks and relationships.
This generic procedure lays out a dozen (OK, a bakers' dozen!) important, time-critical steps at the heart of the process, plus one before and one after (less time-critical but almost as important). It offers a wealth of pragmatic tips to guide those following the process for real, plus a variety of message templates to adapt to the task at hand, speeding-up the process without undermining management control.
Supplied as a 10-page MS Word document, 'camera-ready' yet readily customised for your particular situation. It could easily be reduced to just a couple of pages (e.g. the process flow diagram plus brief instructions for the dozen core steps?), transferring the guidance/tips to a separate guideline and storing the message templates in a convenient folder - or a USB stick for ready access following, say, a ransomware outbreak.
Incident notification procedure
A 10-page generic procedure template, documenting the process for disclosing major incidents, notifying the relevant parties in an appropriate manner.
Supports the incident management policy.
The license covers internal use within a single organisation. Please get in touch if you'd like to incorporate the SecAware content in your systems or services provided to third parties.