The Construction Training Fund’s (CTF) Information Breach Response Plan sets out the steps the CTF will take if it experiences an information breach, or suspects that a breach has occurred.
Step 1 IDENTIFY
Identify the who, what, how, where and why of the breach.
Timeframe – immediately

Step 2 CONTAIN
The person who discovers the breach must take whatever measures possible to contain the breach, minimise damage, and prevent any potential harm. The person who is responsible for containing the breach collects information about the breach, preserves evidence, immediately notifies their line manager, records the details using the CTF’s Information Breach Notification Form and follows local policies and procedures.
Timeframe – immediately

Step 3 ASSESS
The relevant Manager or applicable person will assess the breach and complete the appropriate sections of the CTF’s Information Breach Notification Form. If the assessment suggests:
• a potential breach of discipline/code of conduct – inform the CTF’s Chief Executive Officer, who will implement appropriate actions
• a cyber security breach – inform the CTF’s IT Systems Manager
Timeframe – assessment completed within 30 days of the breach

Step 4 NOTIFY
Subject to the circumstances of the information breach, there are various notifications that must be considered and undertaken, where relevant. These include:
• The CTF’s information asset custodians
• Internal officers CEO and/or Board
• State Solicitor’s Office
• Affected individuals, stakeholders and/or agencies
• Information Commissioner
Timeframe – within 30 days of the breach

Step 5 REVIEW
In this final stage of the Information Breach Response, the assessor will:
• review the assessment to ensure all applicable notifications have been made
• determine if further actions or investigations are required
• assess the risk to the organisation
• work to implement actions to prevent recurrence.
Timeframe – as soon as is practicable following the resolution