Appendix E: Incident Response Plan Link
Aligning with NIST SP 800-61r3 and FCA SYSC 13 guidance
Purpose
This appendix provides a direct reference to Xcavate’s Incident Response Plan (IRP), which defines the structured approach for identifying, containing, mitigating, and recovering from cybersecurity incidents. It supports organisational resilience, regulatory compliance, and response preparedness.
Governance & Alignment
Primary Framework: NIST SP 800-61r3 – Computer Security Incident Handling Guide
Compliance Reference: FCA Handbook – SYSC 13.24 to SYSC 13.29 (Outsourcing & Business Continuity)
Integration: Interlocks with Threat & Vulnerability Management, BCP/DR, Identity & Access Control
Document Overview
Document Title: Xcavate Incident Response Plan (IRP)
Version: v2.1
Owner: Head of Security & Compliance
Approval Date: 01 May 2025
Next Review Date: 01 November 2025
Storage Location: Secure SharePoint Drive (XSEC-IRP)
Distribution: CISO, DR Team, SOC, Engineering Leads, Legal, Compliance
Restricted Access: Yes – Role-Based via IAM (Incident Responders, ITSEC)
Direct Link to Plan
Incident Response Plan - Secure Access Link
(Note: Secure login required. Multi-Factor Authentication enforced)
Key Components in Plan
Incident Types & Definitions
Roles & Responsibilities (SOC, Legal, Comms, IT)
Communication & Notification Protocols
Containment & Eradication Procedures
Post-Incident Review & Reporting
Escalation Matrix
Testing & Tabletop Exercises
Integration with Threat Intelligence Feeds
References
FCA SYSC 13 – Systems and Controls
[Xcavate Threat & Vulnerability Management Plan]
[Xcavate Crisis Communication Framework]