Closed SimonPPledger closed 1 week ago
Incident runbook is here - https://user-guide.modernisation-platform.service.justice.gov.uk/runbooks/manage-an-incident.html#incident-process
Will update
how to potentially revoke IAM and network access -
IAM - https://user-guide.modernisation-platform.service.justice.gov.uk/runbooks/revoking-user-access.html
Network - https://user-guide.modernisation-platform.service.justice.gov.uk/runbooks/revoke-network-access.html
how and what we communicate - https://user-guide.modernisation-platform.service.justice.gov.uk/runbooks/manage-an-incident.html
where we raise any subsequent ticket - I have added links to mod platform security repo incident raising, and raised a test issue as asked.
Test issue raised - https://github.com/ministryofjustice/modernisation-platform-security/issues/21
No team review has been undertaken but this can be organised separately. I will raise a follow-on ticket to cover this as @ep-93 is away on leave.
User Story
Following on from the review by NCSC, we need to know what to do in the case of a security incident, including:
Value / Purpose
This helps to minimise impact of any security threats by enabling us to respond quickly
Useful Contacts
No response
Additional Information
No response
Definition of Done