Your Cart

Policy – Incident Response Plan

Publication date: October 2021


Here at McKee Creative, we take safety and security seriously. To maintain the trust of our employees, customers and partners, and meet regulatory requirements, it is essential that we do everything we can to protect confidential information and systems. 

We understand that the better prepared we are to respond to virtual (cyber-security, theft) or physical (power failures, natural disasters) threats, the faster we can eradicate this threat and reduce the impact on our business. 

We have taken the time to formulate an Incident Response Plan that explains how to detect and react to incidents, determine their scope of risk, respond appropriately (and quickly) and communicate the results and risks to all stakeholders.

Effective incident response involves every part of our organisation, including IT teams, technical support, corporate communications, and business operations. We understand it is important that each member of our team reads and understands their role.

Testing and Updates

Testing of the Incident Response Plan ensures that all team members are aware of their obligations (unless real incidents occur which test the full functionality of the process). By testing our response to potential incidents, we can identify process gaps and improvement areas, and record these observations for further improvement. By doing so, we can further update our Incident Response Plan to perfectly suit the team and process at McKee Creative, every time.

Incident Response Overview

Below is the structured 6-step process followed in this document as defined by the SANS Institute in their Incident Handler’s Handbook that the team at McKee Creative will follow in response to an incident or threat. The 6 steps outlined are:

  • Preparation – review and codify an organisation security policy, perform a risk assessment, identify sensitive assets, define which are critical security incidents the team should focus on, and build a Computer Security Incident Response Team (CSIRT). 
  • Identification – monitor IT systems and detect deviations from normal operations and see if they represent actual security incidents. When an incident is discovered, collect additional evidence, establish its type and severity, and document everything. 
  • Containment – perform short-term containment, for example isolating the network segment that is under attack. Then focus on long-term containment, which involves temporary fixes to allow systems to be used in production, while rebuilding clean systems. 
  • Eradication – remove malware from all affected systems, identify the root cause of the attack, and take action to prevent similar attacks in future. 
  • Recovery – bring affected production systems back online carefully, to prevent additional attacks. Test, verify, and monitor affected systems to ensure they are back to normal activity. 
  • Lessons learned – no later than 2 weeks from the end of the incident, perform a retrospective of the incident. Prepare complete documentation of the incident, investigate the incident further, understand what was done to contain it and whether anything in the Incident Response process could be improved. 

Workforce Continuity

To keep everything running smoothly, regardless of physical or virtual threats, the team at McKee Creative will do everything in our power to keep things as accessible and reliable as possible. Our data is stored in a secure location and our team works remotely in general, as we aim for the best in workplace continuity. We understand that by providing a safe and secure environment for our data and employees, we establish a strong business network.

Roles, Responsibilities and Contact Information

 Our Incident Recovery Team is generally made up of the hard-working members of IT, who collect, preserve and analyse data in-tandem with Jo McKee herself. With their experience and understanding, they can ensure the Incident Response Plan is carried out as effectively and efficiently as possible. 

However, we understand avoiding incidents is done best when everyone is involved. Our entire team at McKee Creative will be well-versed in safety and security protocols, as well as the Incident Response Plan in general… just to keep everyone on the same page. 

If you do need to get in contact with any of our staff in regards to our Incident Response Plan, please contact the team directly at grow@mckeecreative.store.

Or, if any major problems occur, we suggest you keep these names in mind:

  • Michael Schwarzel
    Technical Partners/Third Party Incident Response
    Contact details:
    Phone: 0488 068719
    Email: michael@grandprixyachting.com.au