Incident Response¶
2026.1
Changineers implements an information security incident response process to detect, respond to, and report incidents, mitigate the weaknesses that were exploited, and restore information system functionality and business continuity.
Policy Statements¶
Changineers policy requires that:
(a) All computing environments and systems must be monitored in accordance with the System Auditing and Access policies.
(b) All alerts must be reviewed to identify security incidents.
(c) Incident response procedures are invoked upon discovery of a valid security incident.
(d) Incident response team and management must comply with any additional requests by law enforcement in the event of criminal investigation or national security, including but not limited to warranted data requests, subpoenas, and breach notifications.
Controls and Procedures¶
Incident Tracking and Records¶
A record is created for each reported incident in incident.io. Each incident record captures the relevant attributes and progression of the incident, including the following as applicable:
- Summary
- Description
- Impact
- Priority and severity
- Analysis notes and comments
- Root cause
- Resolution
- Lessons learned
Where a detailed post-mortem is warranted, the Security or Engineering team writes it up and links it from the incident record.
Customer-impacting incidents are communicated to users through Changineers’s public status page.
Revision History¶
| Date | Summary | Approved by |
|---|---|---|
| 2020-01 | Initial revision. | James Gregory |
| 2026-04-24 | Adopted policy with incident tracking procedure. | James Gregory |