Table of Contents

Escalation to Client or Customer

Any employee or contractor who discovers any event of a questionable, fraudulent, or illegal nature should:

  1. Report the situation via Slack or email to our Incident Response Team, which is defined in the Incident Response Policy.
  2. Fill out the incident report form.

These reports should be made without fear of retaliation.

The incident response team will evaluate the incident and determine whether to notify the client. Situations that require escalation to the client include:

Timeline

When an incident has occurred, Nested Knowledge will notify the client or customer within 2 hours for High-Severity incidents and within 40 minutes for Critical incidents.

Incident categorization is described in our Incident Response Policy.

Roles

Our Incident Response Team, consisting of the CEO, CTO, and COO, will notify the appropriate client or customer agency via email.

Communication and Compliance

All investigators and leads on the Incident Response Team will be required to review this policy. This policy will be updated on an annual basis. Employees who deliberately violate this policy will be subject to disciplinary action up to and including termination.

Revision History

AuthorDate of Revision/ReviewComments/Description
K. Cowie01/25/2023Added changes to cloud environment as incident requiring escalation
K. Kallmes1/29/2023Approved

Return to Policies