All critical vulnerabilities and incidents reported to:
Head of Security
CTO and COO
External regulators (e.g., FCAarrow-up-right, ICOarrow-up-right) where thresholds are met if investors are involved
Maintain evidenced audit trails of:
Vulnerability scans
Patching SLAs
Risk treatment plans
External reports
References:
FCA https://www.fca.org.uk/arrow-up-right
ICO https://ico.org.uk/about-the-ico/our-information/regulators-code/arrow-up-right
Last updated 7 months ago