For any incident, SM8 staff and management need to address the following items via its checklist of items.
- Establish who is responsible to address the checklist items.
- Establish the date/time the incident check-list item is first addressed, and the related date/time the item is completed.
- Ensure the response timeline for every item in the incident checklist is handled appropriately and in a timely manner.
- The overall checklist must be reviewed and signoff by SM8 Directors Steve or Clive
- All incidents raised must be rectified and closed appropriately.
- Management must conduct a performance risk assessment, impact analysis and root cause analysis upon any security incident that causes system downtime.
- For root cause analysis SM8 may be required to incorporate its vendor hosting provider AWS
- The analysis reports to be distributed to all respective stakeholders.
