Incident Response Policy

1. Purpose The purpose of this policy is to establish a framework for identifying, responding to, and mitigating the impact of security incidents at SkuHunt. This ensures minimal disruption to our services and protection of sensitive data related to TikTok Shop orders. 2. Scope This policy applies to all employees, contractors, and third-party service providers who may be involved in identifying or responding to security incidents involving SkuHunt systems. 3. Roles and Responsibilities Incident Response Lead: The primary contact for all incidents is the Security Lead (sagar@skuhunt.com). This person is responsible for coordinating the incident response process and communicating with stakeholders. Engineering Team: Responsible for investigating the incident, identifying the root cause, and implementing a resolution or mitigation strategy. Customer Support: Communicates with affected users, providing timely updates as needed. 4. Incident Reporting and Communication Internal Reporting: Any employee who identifies a potential security incident must report it immediately to the Incident Response Lead. External Communication: If the incident involves customer data or has a significant impact, the Incident Response Lead will notify affected users and relevant authorities as required by law. Communication Channels: All incident-related communications will occur through secure, encrypted channels (e.g., email or Slack) to maintain confidentiality. 5. Incident Response Phases Identification: Detect and report any unusual activity or security anomalies. Containment: Implement immediate measures to limit the impact of the incident. Investigation: Determine the cause and extent of the incident. Mitigation and Recovery: Apply fixes, restore services, and verify the resolution of the issue. Post-Incident Review: Document the incident, review the response process, and implement any improvements. 6. Policy Review This policy is reviewed annually to ensure its effectiveness and alignment with industry best practices. 7. Contact Information For any incident-related inquiries, please contact sagar@skuhunt.com.