
4.3.6. Public Disclosure

fpl@fedoraproject.org must sign off on these tasks unless he/she delegates one or more of them to someone else. These tasks should be completed as soon as is feasible, and may consist of multiple notifications and updates, or be combined into one notification if the incident is discovered and fixed quickly. Each of the tasks listed below must be completed.
Notification Tree

| Sign off | Task | Description |
|---|---|---|
| | Initial Notification | Let everyone know that an incident has happened. |
| | Partner Integrity | When a partner has been determined to be affected and therefore notified (refer to Section 4.3.5, “Partner Communication”), outgoing notifications must not jeopardize the integrity of any investigations underway by those partners. |
| | Service Repair | Once a service repair plan is formulated, notify all affected parties about any service availability changes during rebuild and repair. |
| | Credentials | Once the environment is deemed secure, notify all affected parties and institute a system-wide password change by all account holders. |
| | Entry | Once the entry point has been located, assessed, and repaired, and investigations are completed, notify all affected parties of the cause of the incident and the specific repairs undertaken to prevent recurrence. |
| | Time line/Postmortem | Once the rebuild/repair phase is complete and services are returned to normal, send a summary of the repairs undertaken and, if appropriate, the rationale for these actions. This communication should include the same time line used by the incident response team. |