Security Incident Procedure

Scope

This procedure covers steps in case of security incident

Process

• immediately report an incident via Atlassian Service Desk

• file an internal ticket with priority 'High'

• assign an engineer to discover the cause of incident and close the security hole

• maintain a communication line to Atlassian via support desk or phone if nedded

• depending on the severity of the incident, customers may or may not be directly informed

Review

This policy is reviewed annually and is kept up to date with requirements stated by Atlassian.