...

  • Unauthorized access, use, disclosure, modification, or destruction of information;

  • Interference with information technology operation;

  • Violation of explicit security policy by any party;

  • Compromised user accounts;

  • Unauthorized access to, or use of, systems, software, or data;

  • Unauthorized changes to systems, software, or data.

...

...

Procedure Instructions

Incident Detection and Impact Assessment

Every detected incident should be evaluated by the person who discovered it in terms of potential impact:

  • Functional impact (if the incident's consequences affect the usability and stable operation of the application);

  • Data impact (if the incident's consequences affect the data privacy or data integrity of the application users);

  • Reputational impact (if the incident's consequences affect the Alpha Serve reputation in terms of business ethics, employer branding, product quality, taxes or other).

Based on the primary evaluation, the recoverability efforts are defined and documented.

Incident Reporting and Escalation

Each employee, temporary worker and contractor must report actual or suspected application security incidents to their supervisor as soon as possible so that work can begin to assess, investigate and resolve them.

All information about the security incident is communicated and stored internally.

An incident report must include:

  • date and time of detection;

  • the person who discovered the incident;

  • short description of the incident, including screenshots, screencasts and copies of emails if relevant;

  • risk category according to the Application Security Policy;

  • impact assessment results;

  • details of possible solutions;

  • other parties informed, if relevant.

If the incident poses any kind of immediate danger, the Alpha Serve CEO should be informed immediately by email and telephone. Only the CEO is responsible for the final risk evaluation and for further decisions on communication with customers (if affected) and Atlassian (if relevant) by creating an App Security Incident ticket.

Incident Resolution and Post-Incident Review

Based on the information in the incident report, the supervisor and/or the Alpha Serve management team define the further process of incident resolution and create tasks and assignments with due dates for the relevant team members.

After the incident resolution, the supervisor defines the type and amount of testing and assessment measures needed to verify the results and ensure that the application works correctly from every perspective.

Incident report data is included in the internal knowledge base when relevant.