7 simple, insightful steps for auditing your data breach response plan

March 17, 2015 by ofonseca


Daily data breach headlines are likely enough to convince you that cyber threats continue to evolve. To remain effective, your data breach response plan also needs to keep up. It’s imperative that your company reassesses its data breach response approaches regularly.

We recommend auditing your plan at least quarterly – more frequently if you have reason to believe your risks of a data breach are greater than average. Your quarterly review should aim at assessing the effectiveness of your current plan given likely scenarios like an internal breach or an external hack. Your audit should also help you identify and correct potential weaknesses in your plan.

As part of the 2014-2015 Experian Data Breach Response Guide, Experian offers this checklist of seven simple and highly effective steps to take when auditing your written policies for data breach response:

1. Is contact information current on your data breach response team list? When a breach occurs, time is limited. You need current contact information for both internal and external response team members. Cull from the list anyone who has left the company, add new department heads and recirculate the updated list to everyone who needs to have it at their fingertips.

2. Is your data breach response plan comprehensive? Your plan should take into account any major company changes that have taken place since the last audit. Review roles with team members and department heads to confirm their understanding of what will be required of them in the event of a breach.

3. Are your vendor contracts in order? When a breach occurs, you’ll call on external team members such as a forensics firm and a data breach resolution provider. Review your contracts to confirm that your vendor agreements still match the scope of your business.

4. Are notification guidelines clear? Everyone in your organization should know whom to contact first – such as attorneys and government agencies – if a breach occurs. Your notification guidelines need to be compliant with state regulations, and your notification letter templates should also be in line with state laws.

5. Are third parties with access to your data as secure as possible? Any third parties that deal with your data should be abiding by your data protection standards. Confirm that they are and that they’re abreast of any regulatory changes that might come into play during a data breach.

6. Is your IT security effectively protecting data? Confirm that updates to software and systems, as well as monitoring and reporting, are occurring automatically. Ensure backups are occurring and that backup files are stored securely.

7. Is your staff security-aware? Verify that everyone with access to data understands your security policies and data protection procedures. Educate staff on how to spot signs of a data breach, and ensure everyone takes steps to secure data and systems, such as securing devices on and offsite, and regularly changing passwords.

Download the Experian Data Breach Response Guide to learn more about how to create and maintain an effective data breach response plan for your organization.