32 lines
720 B
Markdown
32 lines
720 B
Markdown
# Incident Response Plan
|
|
|
|
## P0
|
|
|
|
- cross-school data leak
|
|
- unauthorized payment file access
|
|
- incorrect payment balances at scale
|
|
- bulk communication sent to wrong audience
|
|
- sensitive report export leak
|
|
- scanner outage during active session
|
|
- student data corruption
|
|
|
|
## P1
|
|
|
|
- module unavailable
|
|
- report incorrect for subset
|
|
- payment edit failure
|
|
- attendance duplicate spike
|
|
- communication provider failure
|
|
- Islamic extension profile unavailable
|
|
|
|
## Response Steps
|
|
|
|
1. Disable feature flag if applicable.
|
|
2. Stop affected queues/jobs.
|
|
3. Preserve logs and audit evidence.
|
|
4. Notify owner/security/support.
|
|
5. Run reconciliation.
|
|
6. Apply rollback or forward fix.
|
|
7. Document root cause.
|
|
8. Add regression test.
|