=====Breach Notification Process=====

<WRAP round box>
====Control Satisfaction Matrix====
^ Standard      ^ Category              ^ Controls Satisfied  ^ 800-53r4 Controls  ^ ISO/SEC 27001      ^ Audit Controls  ^
| DLZP Group  | Breach Notification|None     | None       | None  | None     |


====Major Document History====
^ Date       ^ Comment       ^ Who    ^
| 8/23/2019  | Created Page  | Tharp  |
| 8/29/2019  | Copied Content For IS-1 SOC submission | Tharp  |
| 10/6/2021  | Policy's Reviewed for Audit             | Tharp  |
</WRAP>


====Purpose and Scope====
The DLZP Group Breach Notification  processes are designed to provide prompt and transparent communication of cyber security events through standardized communication flow and process. The goal of Breach Notification Process is to define a communication flow that will mitigate mis-information, risk and minimize disruption to the impacted IT services and business operations.

====Background====
The Breach Notification Process is establish by the DLZP Group Executive Team to ensure standard procedures for managing cyber security events and minimize the risk and impact an event may have on our customers business operations. 

====Policies====

DLZP Group shall implement a repeatable Breach Notification plan to track all cyber security events.

----
=====Response Plan=====

DLZP Group follows the Breach Notification pattern depicted in **Figure 1.** The Breach Incident management processes follow the same pattern of our standard incident management practices. The only difference is with internal escalation (DLZP Executives) and Communication Flow.

==Figure 1==
{{:corpgov:incidents-breach.png|}}