Forensics and investigation measures are used to gather, analyze, and preserve digital evidence in the event of a security incident or cybercrime. These measures include techniques such as data acquisition and analysis, network forensics, malware analysis, and incident reconstruction. The goal of forensics and investigation measures is to identify the cause and scope of the incident and collect evidence that can be used in legal or disciplinary proceedings.
Incident reporting guidelines are established and communicated as part of the incident response process (IRP) to ensure clear incident reporting to relevant individuals and authorities. The objective of incident reporting is to facilitate timely and efficient incident response and to comply with legal and regulatory requirements for incident reporting.
This process also ensures relevant and timely notifications are made to customers regarding incidents on the platform. Service interruptions and maintenance notifications are sent to customers and employees.
Lessons learned from responding to incidents and incident response tests are documented to identify areas for improvement. The incident response team must review incident response procedures, identify gaps or weaknesses, and develop and implement a plan for addressing those issues to continuously enhance incident response capabilities and prevent similar incidents from occurring in the future.
An Incident Response Plan (IRP) is documented and outlined to define the actions to be taken by individuals in the event of a cybersecurity incident. It includes procedures for identifying, containing, eradicating, and recovering from an incident and guidelines for communication and reporting to internal and external stakeholders. The IRP is designed to enable the organization to respond to an incident promptly, effectively, and in a coordinated manner.
The organization has established an incident response policy that outlines the processes for detecting, responding to, and recovering from security incidents. This policy encompasses the identification, triage, and effective response to security events and incidents, along with implementing appropriate measures to minimize damage and the likelihood of recurrence.
Incident response testing is conducted regularly to evaluate the organization’s ability to detect, investigate, and respond to a security incident. Incident response testing aims to identify weaknesses and gaps in the incident response plan and improve the organization’s overall security posture.