It should be a combination of all of the above working in concert. There should be clearly established points of contact (and how to reach them on non-work numbers/emails) and who has authority to make business decisions.
Agree but am looking more to understand who companies are tagging to make sure all action items are completed so that there aren't too many cooks in the kitchen.
Generally you’d want legal and infosec roles coordinating response activities. As to other stakeholders, consider involving ops (for business impacts), dev or IT (for remediation implementation, e.g.), finance (for insurer notifications, payments, etc.), corporate comms or marketing (for PR messaging purposes), and someone to act as a liaison to the board/senior leadership. Be careful in how you frame your incident response plan, and make sure that there is some sort of risk-based escalation criteria to activate the full team, as well as a process for resolving lower-risk incidents. Most importantly, make sure you train the relevant parties on the plan, and test it periodically. Otherwise I can guarantee that the plan is just going to sit there unopened in the event of an actual incident.
There seem to be 2 ways to lay it out. 1 is where each team has their own IR setup and 1 where it's company global. With either direction you can streamline the process by using the same reports and structure. Mostly it depends on the size of your company and the maturity of your monitoring and alerting system. If manual alerts need to be fired and a clear owner isn't established, generally you can go to Production Operations and they can orchestrate