The organization documents incidents for investigation, compliance, learning, and communication purposes. Documentation also helps analyze the incident, meet legal requirements, identify improvements, and maintain records.
Incident reporting guidelines are established and communicated to ensure clear incident reporting to relevant individuals and authorities. The objective of incident reporting is to facilitate timely and efficient incident response and to comply with legal and regulatory requirements for incident reporting. The incident reporting process typically involves identifying and categorizing incidents, notifying relevant stakeholders, documenting incident details and responses, and performing post-incident analysis to identify and address vulnerabilities.
Lessons learned from responding to incidents and incident response tests are documented to identify areas for improvement. The incident response team must review incident response procedures, identify gaps or weaknesses, and develop and implement a plan for addressing those issues to continuously enhance incident response capabilities and prevent similar incidents from occurring in the future.
An Incident Response Plan (IRP) is documented and outlined to define the actions to be taken by individuals in the event of a cybersecurity incident. It includes procedures for identifying, containing, eradicating, and recovering from an incident and guidelines for communication and reporting to internal and external stakeholders. The IRP is designed to enable the organization to respond to an incident in a prompt, effective, and coordinated manner.
The organization has established an incident response policy that outlines the processes for detecting, responding to, and recovering from security incidents. This policy encompasses the identification, triage, and effective response to security events and incidents, along with implementing appropriate measures to minimize damage and the likelihood of recurrence. The primary objective of the incident response policy is to mitigate the impact of security incidents, prevent future occurrences, and facilitate the swift restoration of normal operations.
Incident response testing is conducted regularly to evaluate the organization’s ability to detect, investigate, and respond to a security incident. It involves testing the effectiveness of the incident response plan and the coordination of the incident response team. Incident response testing aims to identify weaknesses and gaps in the incident response plan and improve the organization’s overall security posture. Testing can be conducted through various methods, including tabletop exercises, simulations, and full-scale drills.