Menu
Close

© RALM ITC Services PTY LTD. All Rights Reserved.

Incident and Rapid Response Policies

Effective Date: 01 January 2025

RALM Tech is dedicated to providing swift and effective responses to cybersecurity incidents. Our Incident and Rapid Response Policies outline the procedures, responsibilities, and expectations for handling security breaches, system compromises, and other critical incidents. By engaging our services, you agree to the terms detailed in this policy.

1. Purpose

This policy is designed to:

  • Minimise the impact of cybersecurity incidents on your organisation.
  • Provide clear procedures for incident detection, reporting, and resolution.
  • Ensure compliance with regulatory and contractual obligations.

2. Scope

This policy applies to all RALM Tech clients who have subscribed to our cybersecurity services, including:

  • Managed Detection and Response (MDR)
  • Incident Response Retainers
  • Threat Management Services

3. Incident Reporting

Client Responsibilities

  • Report incidents immediately via our emergency contact channels:
  • Provide detailed information, including:
    • Nature of the incident (e.g., ransomware, data breach).
    • Systems or data affected.
    • Time and date of detection.
    • Any initial mitigation steps taken.

RALM Tech Responsibilities

  • Acknowledge receipt of the incident report within 30 minutes.
  • Assign a response team to assess and mitigate the issue.
  • Provide regular updates during the incident resolution process.

4. Incident Response Process

Detection and Analysis

  • Identify the root cause and scope of the incident.
  • Analyse logs, alerts, and other relevant data to assess the impact.

Containment and Mitigation

  • Isolate affected systems to prevent further damage.
  • Apply patches, updates, or temporary fixes to mitigate vulnerabilities.

Eradication and Recovery

  • Remove malicious elements from affected systems.
  • Restore systems and data to operational status using backups if necessary.

Post-Incident Review

  • Document findings and actions taken during the response.
  • Provide recommendations to prevent future incidents.

5. Incident Response Retainer

Scope of Services

  • Retainer clients receive priority access to RALM Tech’s incident response resources.
  • Includes predefined hours of support and faster response times.

Client Benefits

  • Reduced downtime and operational impact.
  • Proactive measures to prevent recurring issues.
  • Regular reviews and updates to response plans.

6. Regulatory Compliance

Our incident response services are designed to help you meet compliance requirements, including:

  • GDPR: Incident reporting and data breach management.
  • POPIA: Protection of personal information and notification of affected parties.
  • ISO 27001: Alignment with international information security standards.

7. Limitations of Liability

RALM Tech is not responsible for damages resulting from:

  • Failure to report incidents promptly.
  • Pre-existing vulnerabilities not disclosed during onboarding.
  • Actions taken by third parties without our consultation.

8. Changes to this Policy

We reserve the right to update this policy to reflect changes in industry practices or regulatory requirements. Clients will be notified of significant updates.

9. Contact Information

For emergency support or questions about this policy, please contact us:

Thank you for trusting RALM Tech. Our Incident and Rapid Response services are here to protect your business when it matters most.

RALM Tech