Incident Response

​

Preparation

• Formal incident response plan and roles
• Monitoring and alerting across critical systems

​

Response

• Triage, containment, eradication, recovery
• Communication procedures and stakeholder updates

​

Testing & Readiness

• Independent penetration test completed June 2025 (passed)
• Regular reviews and tabletop exercises

​

Disclosure

• No security breaches to disclose to date
• Coordinated vulnerability disclosure policy in place