Security
Incident Response Policy
How Finpliq identifies, responds to and communicates security incidents.
- Owner
- Security & Compliance
- Effective from
- 8 July 2026
- Last reviewed
- 8 July 2026
- Review cycle
- Annual or following material change
At a glance
Security incidents are triaged, contained, investigated and recorded.
Customer, ICO or HMRC notifications are made where legally or contractually required.
Full policy
Incident categories include unauthorised access, suspected data breach, tenant isolation failure, compromised credentials, suspicious admin activity, service disruption, malware, supplier incident and HMRC filing/security incident.
Response steps include detection, triage, containment, evidence preservation, eradication, recovery, communication and post-incident review.
Incident records should include timeline, affected systems, affected data, decisions, communications, remedial actions and lessons learned.
No incident communication should speculate or conceal material facts. Communications must be accurate, proportionate and timely.