We follow a rapid set of steps as soon as a security or data incident is identified. The high-level steps we follow in the event of an incident are as follows.

1. We identify or are notified of a potential incident
2. We investigate the situation
3. We take appropriate action to contain the situation
4. We recover systems, data and connectivity if disrupted
5. We conduct further deep-dive investigation to identify whether there was in fact an incident or whether it was a false alarm.
6. If a positive incident is confirmed, our Information Officer will report the incident to the Regulator, and impacted Data Subjects and companies involved.
7. We carry out a post-incident review and conduct forensic analysis.
8. We update information, controls and processes going forward to eliminate the threat of recurrence.