Incident Response Policy
Version: IR-2026-07-08
Last updated: July 8, 2026.
1. Overview
TSP Scale's Incident Response Policy defines the procedures our team follows when a potential security incident or data breach is detected. Our primary goals are to contain the incident, minimize impact, protect customer data, and restore normal operations as quickly as possible.
2. Detection and Identification
Incidents are detected through continuous infrastructure monitoring, automated security alerts, internal audits, and responsible disclosure reports from security researchers. Upon detection, a dedicated Incident Response Team (IRT) is assembled to investigate the scope and severity of the event.
3. Containment and Mitigation
The IRT's immediate priority is containment. Depending on the nature of the incident, containment steps may include isolating affected systems, rotating compromised credentials, deploying emergency patches, or temporarily suspending specific services to prevent further unauthorized access or data loss.
4. Customer Notification
If we determine that an incident has resulted in the unauthorized access, disclosure, or alteration of your personal data or service data, TSP Scale will notify affected customers without undue delay, and in accordance with applicable legal obligations (such as the DPDP Act 2023). Notifications will include the nature of the breach, the data affected, and the mitigation steps taken.
5. Recovery and Review
Following containment, systems are restored to full operation securely. A post-incident review is conducted for all significant security events to identify root causes, improve our security posture, and prevent similar incidents from occurring in the future.