(Satisfies SOC IS-1 Requirements)
3.2 Awareness & Training Policies
3.5 Identification and Authentication
3.13 Systems & Communications Protection
3.14 Systems & Information Integrity
| Standard | Category | Controls Satisfied | 800-53r4 Controls | ISO/SEC 27001 | Audit Controls |
|---|---|---|---|---|---|
| DLZP Group | Breach Notification | None | None | None | None |
| Date | Comment | Who |
|---|---|---|
| 8/23/2019 | Created Page | Tharp |
| 8/29/2019 | Copied Content For IS-1 SOC submission | Tharp |
| 10/6/2021 | Policy's Reviewed for Audit | Tharp |
The DLZP Group Breach Notification processes are designed to provide prompt and transparent communication of cyber security events through standardized communication flow and process. The goal of Breach Notification Process is to define a communication flow that will mitigate mis-information, risk and minimize disruption to the impacted IT services and business operations.
The Breach Notification Process is establish by the DLZP Group Executive Team to ensure standard procedures for managing cyber security events and minimize the risk and impact an event may have on our customers business operations.
DLZP Group shall implement a repeatable Breach Notification plan to track all cyber security events.
DLZP Group follows the Breach Notification pattern depicted in Figure 1. The Breach Incident management processes follow the same pattern of our standard incident management practices. The only difference is with internal escalation (DLZP Executives) and Communication Flow.
