Checklist for Data breach response guideline

Introductory note:
This checklist aids an organisation in responding to a data security breach. It addresses key data security requirements and other legal compliance obligations that may apply to an organisation.

How to use this checklist:
This checklist guideline is based on the US National Institute of Standards and Technology (NIST) Cybersecurity Framework. It is not a one-size-fits-all approach. Different organisations will have unique risks, threats and vulnerabilities, and will implement their data breach response strategy with differing priorities. It is important to bear in mind that while risk can be reduced, the possibility of an ICT breach cannot be eliminated entirely.

Other notes:
The guideline is a living document and will continue to be updated as new technologies, threats, risks, and solutions arise.

Links to related content:
See our data breach notification scheme topic for detailed guidance on the mandatory notifiable date breaches scheme (NDB scheme).