Nested Knowledge

Bringing Systematic Review to Life

User Tools

Site Tools



Any employee or contractor who discovers any event of a questionable, fraudulent, or illegal nature should:

  1. Report the situation via Slack or email to our Incident Response Team, which is defined in the Incident Response Policy.
  2. Fill out the incident report form.

These reports should be made without fear of retaliation.

The incident response team will evaluate the incident and determine whether to notify the client. Situations that require escalation to the client include:

  • System intrusion - software exploit, SQL injection, XSS, use of stolen credentials.
  • Malware - ransomware, worm, spyware, rootkits, etc.
  • Information gathering - reconnaissance activities, network scanning or sniffing.
  • Social engineering - phishing, bribes and other (physical) threats
  • Fraud or theft
  • Unauthorized use of system privileges
  • Information breach
  • Other incidents categorized as high or critical in severity


When an incident has occurred, Nested Knowledge will notify the client or customer within 2 hours for High-Severity incidents and within 40 minutes for Critical incidents.

Incident categorization is described in our Incident Response Policy.


Our Incident Response Team, consisting of the CEO, CTO, and COO, will notify the appropriate client or customer agency via email.

Communication and Compliance

All investigators and leads on the Incident Response Team will be required to review this policy. This policy will be updated on an annual basis. Employees who deliberately violate this policy will be subject to disciplinary action up to and including termination.

Revision History

AuthorDate of Revision/ReviewComments/Description
K. Cowie11/15/2021Draft sent for approval
K. Kallmes11/19/2021Draft approved
wiki/policies/omnicom.txt · Last modified: 2021/11/20 22:58 by katcow