Incident Response Playbook

1 Summary

Use this playbook when responding to security incidents involving client data or vendor outages.

  1. Contain the issue and limit access.
  2. Notify Ops leadership and compliance within 1 hour.
  3. Record timeline in the incident template stored in Notion.
  4. Coordinate with vendors using documented escalation paths.

Archive after-action reports to the security S3 bucket.

Owner: Ops: Security
Last reviewed: 2025-09-24
SLA: N/A
Controls: reference
Commit: 8f0c18729ae96125ef5caf6824600a75c4928c16