Incident Management & Response

Security Incident Management Procedure

Neuro+'s Security Incident Management Procedure establishes a structured approach that encompasses the entire incident lifecycle, from detection and reporting through to resolution and continuous improvement. It defines clear roles and responsibilities, with the Chief Information Security Officer (CISO) overseeing the program and an Incident Response Team (IRT) managing day-to-day incident handling. The procedure utilises a four-tier severity classification system (Critical, High, Medium, Low) with corresponding response timeframes ranging from immediate to routine. All incidents are tracked in a secure incident register, documented, and subjected to post-incident reviews to identify lessons learnt and implement necessary policy updates. This systematic approach ensures that security incidents are managed effectively while maintaining compliance with regulatory requirements and continuously improving the organisation's security posture.