Our Incident Response Program is offered in three tiers as outlined below:
1. Review: Our security analysts will provide a comprehensive review of your current incident response plan and procedures against regulatory requirements, industry standards, and RZP best practices. This review will serve as the foundation for the creation and/or revision of your incident response plan and procedures.
2. Develop: Incident Response Plan and Procedures Development. Using the analysis from the Incident Response Plan and Procedures Review, along with additional data collected to capture practices that may not be documented, we craft an Incident Response Plan and Tactical Procedures that meet regulatory requirements, industry standards, RZP best practices and are specific to your organization. The resulting deliverables provide a cohesive process for your organization to respond to cybersecurity incidents, safeguard your data and systems and perform the required notification.
3. Maintain, Test, Document: Incident Response Plan and Procedures Maintenance and Testing. RZP continuously monitors legislation and regulatory agencies for new laws and regulations affecting data privacy and security, in addition to changes in the cybersecurity threat landscape. Our analysts will update your Incident Response Policy and Tactical Procedures to keep pace with these changes. On a frequency determined by you, we will also lead your incident response team through tabletop exercises so that all team members are familiar with their roles and responsibilities while responding to an incident.