We maintain a structured incident management process aligned with ITIL best practice. If a security incident affects client data or systems:
1. Detection and triage
Security events are identified through monitoring, alerting and manual reporting channels, triaged by severity, and assigned to response personnel. Critical incidents involving client data are escalated immediately.
2. Containment and eradication
Affected systems are isolated to prevent further impact. Root cause analysis identifies the attack vector or failure point, and remediation eliminates the threat.
3. Client notification — within 24 hours
You are notified of any confirmed security incident affecting your data within 24 hours of confirmed detection, including the nature of the incident, the data potentially affected, containment actions taken, and recommended next steps.
Where the Notifiable Data Breaches (NDB) scheme applies, we support you in meeting your notification obligations to the Office of the Australian Information Commissioner (OAIC).
4. Recovery and lessons learned
Systems are restored from verified clean backups where required. A post-incident review identifies improvements, and the findings are documented and shared with you.