Data Breach Incident Response Plan Purpose & Introduction This plan has been produced to provide a coordinated and best practice to a data security breach which can happen for a number of reasons, including but not limited to:
Loss or theft of data or equipment on which data is stored Inappropriate access controls allowing unauthorised use Equipment failure Human error Unforeseen circumstances such as fire or flood Cyber attack Social Engineering offences where information is obtained by deceiving the organisation who holds it
Scope of the Incident Response Plan This document identifies numbered tasks that are the order of steps that need to be taken in the event of an incident. The plan consists of four key elements:
Containment & Recovery Assessment of ongoing risk Notification of breach Evaluation and response
Containment & Recovery
All incidents or suspected incidents must be reported immediately to the Incident Manager The Incident Manager may decide to convene the Incident Response Management Team dependant on the impact and scale of the incident Global Steel Exports, 31 Greenhill Crescent, Watford Business Park, Watford, WD18 8YB. Tel: +44 (0) 1923 658575 658546 Website: www.globalsteelexports.com Registration no: 10517458
Pa ge 1|4