Incident Response Policy
Last updated: November 2025
1. Purpose
The goal of this policy is to clearly identify IT roles and responsibilities for computer security incidents and data breaches investigation and response.
2. Scope
This policy applies to all personnel, including employees, temporary workers, contractors, those employed by contracted entities, and others authorized to access TeleCetli Kft. information resources, regardless of ownership or location of information systems used to store, process, transmit, or access TeleCetli Kft. data.
3. Responsibilities
3.1 Primary Security Responsible
Responsible Person: Tamas Szilagyi
Primary responsibilities include:
- Reporting of security incidents
- Identification of security vulnerabilities
- Investigation of security breaches
- Resolution of security incidents
- Implementation of security measures
- Communication with stakeholders
3.2 External Communication
Responsible Person: Tamas Szilagyi
Responsible for external communication on significant security-related issues (both the event and the resolution of the issue).
3.3 All Personnel Responsibilities
All members of TeleCetli Kft. are responsible for promptly reporting any suspected or confirmed security incident involving TeleCetli Kft. data or an associated information system, even if they have contributed in some way to the event or incident.
Reporting Methods:
- Email: [email protected]
- Direct Communication: Verbally or via messaging to the security responsible person (Tamas Szilagyi)
4. Incident Response Procedure
In the case of a security incident, the following steps should be taken by the security responsible towards resolution:
Investigate and Reproduce
Analyze the reported incident to understand its scope and nature. Attempt to reproduce the issue to confirm the vulnerability.
Determine Breach Size and Type
Assess the extent of the security breach, including affected systems, data, and users. Classify the type of incident (data breach, system compromise, etc.).
Define Communication Plan (Issue)
Establish internal and external communication protocols for notifying stakeholders about the incident.
Classify Technical Area
Identify whether the incident affects front-end, back-end, infrastructure, or other technical areas.
Define Technical Responsibility
Assign the appropriate technical personnel responsible for implementing the resolution.
Resolve and Deploy
Implement the fix and deploy it to all affected environments (development, test, production).
Implement Automatic Detection
Identify possible ways of automatic detection and notification for this and similar security issues in the future.
Review Policies
Review all relevant security policies and update them if necessary based on lessons learned.
Define Communication Plan (Resolution)
Establish internal and external communication protocols for notifying stakeholders about the incident resolution.
5. Incident Classification
Security incidents are classified by severity to ensure appropriate response times and resource allocation:
| Severity Level | Description | Response Time |
|---|---|---|
| Critical | Data breach exposing sensitive customer data, complete system compromise, active exploitation | Immediate (within 1 hour) |
| High | Security vulnerability allowing unauthorized access, potential data exposure, service disruption | Within 4 hours |
| Medium | Security weakness that could lead to compromise, minor data exposure, degraded security controls | Within 24 hours |
| Low | Minor security issues with limited impact, informational security findings | Within 7 days |
6. Contact Information
For security incident reporting and inquiries: