Incident Response Procedure
This procedure describes how Pretzel Films Ltd identifies, reports, manages and resolves information security incidents. The objective is to minimise business disruption, protect client and company data, and ensure appropriate remediation actions are taken.
Scope
This procedure applies to all employees, contractors, freelancers and suppliers who use or access Pretzel Films Ltd systems, devices, networks or cloud services.
It covers incidents affecting:
- Company devices and laptops
- Cloud services and online accounts
- Client data and production materials
- Internal systems and communications
Definition of an Incident
An information security incident is any event that may compromise the confidentiality, integrity or availability of information or systems.
Examples include:
- Loss or theft of a company device
- Unauthorised access to files or systems
- Suspicious emails or phishing attempts
- Malware or ransomware infections
- Data breaches or suspected data breaches
- Accidental disclosure of confidential information
Incident Reporting
All suspected incidents must be reported as soon as possible.
Users should report incidents immediately when they suspect:
- a device has been compromised
- credentials may have been exposed
- confidential information has been shared incorrectly
- any unusual system behaviour occurs
Incident Response Process
Pretzel Films Ltd follows a structured process for handling incidents.
1. Identification
- Receive report of potential incident
- Confirm whether the event qualifies as a security incident
- Record details of the incident
2. Containment
- Limit the impact of the incident
- Disable affected accounts if necessary
- Isolate affected devices or systems
3. Investigation
- Determine the cause and scope of the incident
- Review system logs or account activity where available
- Identify affected data or systems
4. Remediation
- Remove malicious activity or compromised access
- Reset passwords or credentials where required
- Restore systems or data from backup if necessary
5. Recovery
- Return systems to normal operation
- Verify that controls are functioning correctly
6. Lessons Learned
- Review the incident and identify improvement actions
- Update policies, training or controls where required
Roles and Responsibilities
Co-Chairs
- Provide overall oversight of incident response
- Approve major response actions where necessary
- Communicate with affected stakeholders when appropriate
All Employees and Contractors
- Promptly report suspected incidents
- Follow security procedures and guidance
- Assist with investigation if required
Incident Records
All incidents are recorded to support review and continuous improvement. Records may include:
- date and time of incident
- description of the issue
- systems or data affected
- actions taken
- final resolution
Regulatory and Client Notification
If an incident involves personal data or client information, Pretzel Films Ltd will assess whether notification is required under applicable data protection laws or contractual obligations.
Continuous Improvement
Pretzel Films Ltd reviews incidents periodically to improve security controls and reduce the likelihood of similar events occurring in the future.
Approval
Approved by: PJ Bickford
Title: Co-Chair
Organisation: Pretzel Films Ltd
Date: 01 January 2026