SOP owner: IT Security — Last reviewed: [Date]
What counts as an incident
An incident is any event that has — or could — negatively impact the confidentiality, integrity, or availability of company systems or data. Examples:- Suspected data breach or unauthorized access
- Ransomware or malware infection
- Accidental exposure of sensitive data
- Extended system outage
- Physical security breach
Severity levels
| Level | Description | Response time |
|---|---|---|
| P1 — Critical | Active breach, ransomware, data exfiltration | Immediate |
| P2 — High | Suspected breach, significant system outage | Within 1 hour |
| P3 — Medium | Isolated issue, no confirmed data exposure | Within 4 hours |
| P4 — Low | Minor anomaly, no immediate risk | Within 24 hours |
Response procedure
Identify and report
Anyone who identifies or suspects an incident must report it immediately to:
- IT Security: security@blevinsholdings.com
- Phone: [Emergency IT number — to be added]
Contain
IT Security will assess the situation and take initial containment steps, which may include:
- Isolating affected systems from the network
- Suspending compromised accounts
- Blocking malicious IPs or domains
Assess
Determine the scope and severity:
- What systems or data were affected?
- Is the threat still active?
- Is there evidence of data exfiltration?
Notify
Based on severity and scope, notify:
- Affected team leads and management
- Legal and compliance (if data exposure is suspected)
- Affected clients (if required by contract or regulation)
- Regulatory bodies (if required by law)
Eradicate and recover
Remove the root cause and restore systems from clean backups or known-good states. Verify integrity before bringing systems back online.
Communication guidelines
- Do not discuss active incidents on public channels, social media, or with unauthorized parties
- Internal communications about incidents should be kept to email or direct messages — not Slack channels
- All external communications must be approved by Legal before sending
SOP owner: IT Security