Information Security Incident Procedure

Updated 27.01.2026

A document forming part of the Immercial IMS.

12. Information Security Incident Procedure

Document Name: Information Security Incident Procedure
Version: 1.0
Approved by: Directors, Immercial Limited
Review Frequency: Annual or upon material change


12.1 Purpose

This procedure defines how Immercial Limited identifies, records, responds to, and reviews information security incidents to minimise impact and support continual improvement.

It supports ISO 27001 requirements and aligns with Cyber Essentials principles.


12.2 Definition of an Information Security Incident

An information security incident is any event that may compromise, or has the potential to compromise:

  • Confidentiality of information

  • Integrity of information

  • Availability of information or systems

Incidents may include, but are not limited to:

  • Unauthorised access to data

  • Loss or theft of devices

  • Accidental data disclosure

  • Malware or cyber-related events

  • System outages affecting availability


12.3 Incident Identification & Reporting

  • All personnel and authorised users must report suspected or actual incidents as soon as they are identified.

  • Incidents are reported to senior management without delay.

  • No blame is attached to reporting an incident; early reporting is encouraged.


12.4 Incident Recording

All incidents are recorded in an Incident Log, including:

  • Date and time identified

  • Description of incident

  • Information assets affected

  • Initial assessment of impact

  • Actions taken

  • Resolution status

  • Lessons learned (if applicable)

Incidents with no material impact are still recorded.


12.5 Incident Response

Senior management is responsible for:

  • Assessing the severity and potential impact

  • Implementing immediate containment actions

  • Coordinating remediation activities

  • Engaging third-party support where required

  • Determining whether further notification is necessary


12.6 Post-Incident Review

Following resolution:

  • The incident is reviewed to identify root causes where appropriate

  • Additional controls or improvements are identified

  • Corrective or preventive actions are logged where required


12.7 Integration with IMS

Information security incidents and responses form part of:

  • Risk management activities

  • Corrective and preventive action processes

  • Management review inputs


12.8 Review & Improvement

This procedure is reviewed annually or following a significant incident to ensure continued suitability and effectiveness.

Immercial Limited