Does your team have a crisis management process for handling major security incidents?
Yes, we have a dedicated team.
Yes, we consistently follow a temporary process (for example, a process based on FEMA incident Command System, or ICS).
No, we do ad hoc reporting.
Does this process include provisions to bring in vendor teams with deep incident response, threat intelligence, or technology platform expertise?
Yes, with clear engagement triggers.
Yes, but we don’t follow it consistently.
No, we have an ad hoc process.
Does this process involve executive leadership including legal teams and regulatory bodies?
Does this process include communications and public relations teams?
Does your team conduct regular exercises to practice and refine this process?
Browser storage not available - answers given will not be saved between page refreshes
An error occurred while processing your response. Please try again shortly.
An error occurred while loading the questionnaire. Please refresh the page and try again.