The organisation should have clear communication channels for event reporting:
- Establish and maintain adequate communication channels for security event reporters, ensuring that:
- A common point of contact for reporting events is identified and communicated to all relevant parties.
- Different reporting channels are available based on the perceived severity of events, including real-time communication options for significant emergencies and asynchronous methods (e.g., tickets, email) for less urgent matters.
Organisation should also consider the possibility of external reporting. This could mean having a system to handle security event reports from external parties, including:
- An externally accessible and well-communicated method for reporting security events.
- Defined procedures for responding to and addressing security event reports from external sources.
The organisation should also ensure that the mechanisms and information for reporting incidents are easily accessible to all relevant reporters and establish a feedback procedure to provide timely responses and updates to those who report security events, ensuring they are informed of the outcomes and any necessary follow-up actions.