Incident Response Policy
How Finpliq identifies, responds to and communicates security incidents.
At a glance
- Security incidents are triaged, contained, investigated and recorded.
- Customer, ICO or HMRC notifications are made where legally or contractually required.
Full policy
- Incident categories include unauthorised access, suspected data breach, tenant isolation failure, compromised credentials, suspicious admin activity, service disruption, malware, supplier incident and HMRC filing/security incident.
- Response steps include detection, triage, containment, evidence preservation, eradication, recovery, communication and post-incident review.
- Incident records should include timeline, affected systems, affected data, decisions, communications, remedial actions and lessons learned.
- No incident communication should speculate or conceal material facts. Communications must be accurate, proportionate and timely.