Skip to main content

Incident Management Process

Patrick O'Meara avatar
Written by Patrick O'Meara
Updated this week

Introduction

The purpose of this document is to outline the 3Floorsup Pty Ltd ("3Floorsup") Incident Management Process. It provides guidelines and procedures for responding to security incidents that may occur within our SaaS software amd services. The process outlines the roles and responsibilities of employees and contractors, the steps to be taken in the event of a security incident, and the procedures for reporting and documenting the incident.

Roles and Responsibilities

  1. Management

    The management team is responsible for overseeing the incident management process, ensuring that all employees and contractors are aware of the process, and providing the necessary resources to respond to security incidents.

  2. Incident Response Team

    The incident response team (IRT) will be responsible for responding to security incidents, including identifying, containing, analyzing, and mitigating the incident.

  3. Employees and Contractors

    All employees and contractors are responsible for reporting any security incidents they encounter or suspect and following the guidelines outlined in this process.

Incident Management Procedures

  1. Reporting an incident

    The IRT will evaluate the incident and determine the appropriate response. The IRT may also escalate the incident to management if necessary.

  2. Containment

    The IRT will take immediate action to contain the incident to prevent further damage or data loss. This may include disabling affected systems or networks, quarantining infected devices, or limiting access to affected areas.

  3. Analysis

    The IRT will conduct a thorough analysis of the incident to determine the root cause and the extent of the damage. This may include reviewing system logs, network traffic, or other relevant data.

  4. Mitigation

    The IRT will develop and implement a mitigation plan to minimize the impact of the incident and prevent similar incidents from occurring in the future. This may include patching vulnerabilities, implementing new security controls, or updating policies and procedures.

  5. Documentation

    The IRT will maintain a record of all security incidents, including the type of incident, the time and date of the incident, the location of the incident, and a description of the incident. The record will also include the actions taken to respond to the incident, the results of the incident analysis, and any lessons learned.

  6. Post-Incident Review

    The IRT will conduct a post-incident review to evaluate the effectiveness of the incident response process and identify opportunities for improvement. The review will include an analysis of the incident response team's performance, the effectiveness of the mitigation plan, and the overall response to the incident.

All employees and contractors must report any security incidents to the IRT immediately upon discovery. The report must include the following information:

  1. Type of incident

  2. Time and date of the incident

  3. Location of incident

  4. Description of incident

  5. Any other relevant information

The incident management process is a critical component of 3Floorsup's overall security strategy. By following these guidelines and procedures, we can respond to security incidents in a timely and effective manner, minimise the impact of the incident, and prevent similar incidents from occurring in the future. Regular training and review of this process are necessary to ensure that all employees and contractors are aware of their roles and responsibilities in responding to security incidents.

Did this answer your question?