Incident Management Policy

Last updated 1st August 2024

1. Purpose

The purpose of this Incident Management Policy is to establish a framework for identifying, managing, and resolving incidents that may impact the integrity, availability, and security of Eventflow Technologies Ltd’s services. This policy aims to minimise the potential impact on our services and data security while ensuring a timely and effective response to incidents.

2. Scope

This policy applies to all employees, contractors, and third-party vendors of Eventflow Technologies Ltd who may be involved in the identification, reporting, and management of incidents.

3. Definitions

  • Incident: Any event that disrupts, or has the potential to disrupt, the normal operation of our services, including security breaches, system failures, and performance issues.
  • Low Priority Incident: Minor issues with minimal impact on operations or user experience.
  • Medium Priority Incident: Issues that may affect user experience but have workarounds available.
  • High Priority Incident: Significant issues impacting multiple users or critical functions, requiring immediate attention.
  • Critical Incident: Severe issues causing major disruptions or data breaches, necessitating urgent and comprehensive response.

4. Incident Management Process

4.1. Identification and Reporting

  • All incidents must be reported immediately upon identification to the Incident Response Team (IRT) via email or by telephone.
  • The IRT is responsible for logging the incident, categorising its priority, and initiating the appropriate response procedures.

4.2. Categorisation

  • Low Priority Incidents: Addressed within 48 hours.
  • Medium Priority Incidents: Addressed within 24 hours.
  • High Priority Incidents: Addressed within 24 hours.
  • Critical Incidents: Addressed within 24 hours.

4.3. Response and Resolution

  • The IRT will investigate the incident, determine its root cause, and implement corrective actions to resolve the issue.
  • The IRT will communicate with relevant stakeholders throughout the incident lifecycle, providing regular updates on the status and actions being taken.

5. Communication and Notification

  • Initial Notification: An initial notification will be sent to affected stakeholders via email, providing a brief description of the incident, its impact, and the immediate steps being taken.
  • Regular Updates: Stakeholders will receive regular updates on the status of the incident, actions taken, and any relevant findings or developments.
  • Incident Report: Upon resolution, a detailed incident report will be provided, outlining the root cause, resolution steps, and any measures implemented to prevent future occurrences.

6. Continuous Improvement

  • Post-incident reviews will be conducted to evaluate the response and identify any areas for improvement.
  • Lessons learned will be documented and used to enhance the incident management process and prevent recurrence.

7. Roles and Responsibilities

  • Incident Response Team (IRT): Responsible for managing the incident response process, including identification, categorisation, investigation, and resolution of incidents.
  • Employees and Contractors: Responsible for reporting incidents promptly and cooperating with the IRT during the response process.
  • Third-Party Vendors: Expected to comply with this policy and report incidents involving their services or products promptly.

8. Compliance and Review

  • This policy will be reviewed annually and updated as necessary to ensure its effectiveness and alignment with industry best practices and regulatory requirements.
  • Compliance with this policy is mandatory for all employees, contractors, and third-party vendors of Eventflow Technologies Ltd.

9. Contact Information

For any questions or clarifications regarding this policy, please contact the Incident Response Team at [email protected].

Eventflow Technologies Ltd.
Effective Date: 01/08/2024
Reviewed by: Christian Skelton, Director
Approved by: Henry Barnett, Director

Cyclists competing at cycle event

Schedule an Eventflow Exhibitor Manual Demo

Complete the form below to book a no-obligation, 15-minute Eventflow exhibitor manual demo. Discover how Eventflow is streamlining event management, one exhibitor at a time.
Thank you! We have received your demo request.
Oops! Something went wrong while submitting the form.