RC.CO-04.362

Does your organization have documented breach notification procedures that are followed during data breach recovery incidents?

Explanation

This question focuses on breach notification during recovery: whether you have documented procedures for alerting affected parties and authorities, and whether you consistently follow them when a breach happens. Proper breach notification procedures ensure timely communication with affected individuals, regulatory compliance, and appropriate remediation steps to minimize damage from the breach.

Evidence could include a documented breach notification policy/procedure, incident response playbooks that include notification steps, records of breach notification drills or exercises, or anonymized examples of past breach notifications that demonstrate adherence to the procedures.

Implementation Example

Follow the organization's breach notification procedures for recovering from a data breach incident

ID: RC.CO-04.362

Context

Function: RC: RECOVER
Category: RC.CO: Incident Recovery Communication
Sub-Category: Public updates on incident recovery are shared using approved methods and messaging
