Written Incident Response Plan

Our plan is designed to help you promptly respond to, and recover from, any security event materially affecting the confidentiality, integrity, or availability of customer information in the dealership's control.

Get A Quote

Click below to fill out our Safeguards Status Questionnaire and we will reach out to you shortly with a free quote and consultation. 

Rule Requirement

314.4 (h)

Establish a written incident response plan designed to promptly respond to, and recover from, any security event materially affecting the confidentiality, integrity, or availability of customer information in your control. Such incident response plan shall address the following areas:

The goals of the incident response plan;

  • (1) The internal processes for responding to a security event;

  • (2) The definition of clear roles, responsibilities, and levels of decision-making authority;

  • (3) External and internal communications and information sharing;

  • (4) Identification of requirements for the remediation of any identified weaknesses in information systems and associated controls;

  • (5) Documentation and reporting regarding security events and related incident response activities; and

  • (6) The evaluation and revision as necessary of the incident response plan following a security event.

Our Service

Mosaic Compliance Services provides Written Incident Response Plan documentation included in your WISP.