All employees must know the contact point for reporting incidents

Employees must be aware of how to report Incidents and security incidents. This information should be documented and known by every user in the organisation.

Pre-programming shortcuts on the desktop and/or pre-programming incident contact info in phones can speed up the process in case of an incident.

Technical Staff, System and Network Administrators must be aware of escalation procedures depending on the type and severity of the incident.

Escalation Procedures must include contact info of:

  • Management Team
  • Operations management
  • Operations team
  • Marketing & Communications
  • Data Privacy Officer
  • Emergency services (police, …)
  • FOD Economy (Spam, etc.)
  • Legal advisor
  • Cybersecurity experts (contractors, …)
  • Forensic specialists
  • Suppliers