RESPONSE PLANNING
The Response Planning section of our Information Security Program addresses the response processes and procedures that are executed and maintained to ensure response to detected information security incidents.
Response Plan Execution
We use our documented Incident Response Plan when responding to information security and privacy-related incidents.
COMMUNICATIONS
The Communications section of our Information Security Program addresses response activities that are coordinated with internal and external stakeholders (including external support from law enforcement agencies, as needed).
Responder Roles & Responsibilities
We assign roles and responsibilities for incident responders to ensure a successful response to information security and privacy-related incidents.
Incident Reporting
We report information security and privacy-related incidents consistent with established reporting criteria, as mandated by statutory, regulatory, and contractual obligations.
Incident Information Sharing
We share pertinent incident information with affected stakeholders.
Stakeholder Coordination
We coordinate incident response activities with stakeholders in a manner consistent with documented plans.
Situational Awareness
We voluntarily share information security and privacy-related incident information with external stakeholders to achieve broader situational awareness.
ANALYSIS
The Analysis section of our Information Security Program addresses the analysis that is conducted to ensure effective response and support recovery activities.
Alert Analysis
We investigate notifications from detection systems in a timely manner.
Impact Understanding
We evaluate the potential damage and scope of the incident to understand its potential impact.
Forensics
We utilize proper forensic procedures for information security and privacy-related incidents that have the potential for legal action or data breach reporting. This is provided by either an approved D3 forensic partner or an insurance company.
Incident Classification
We classify and document incidents consistent with established response plans.
Incident Classification
We maintain processes to receive, analyze, and respond to vulnerabilities disclosed from internal and external sources (internal testing, RSS, or security researchers).
MITIGATION
The Mitigation section of our Information Security Program addresses the activities to prevent the expansion of an event, mitigate its effects, and resolve the incident.
Contain Incidents
We implement mechanisms to contain the scope of information security incidents.
Mitigate Incidents
We implement mechanisms to mitigate the ramifications of information security incidents.
New Vulnerability Response
We identify, document, and mitigate newly identified vulnerabilities in a timely manner.
IMPROVEMENTS
The Improvements section of our Information Security Program addresses organizational response activities that are improved by incorporating lessons learned from current and previous detection/response activities.
Incident Response Lessons Learned
We update our Incident Response Plan based on lessons learned following incidents or tabletop exercises.
Incident Response Strategy Update
Our management and cross-functional teams update their incident response strategy.