Skip to main content

Respond to Compliance Incidents and Findings

Learning Objectives

After completing this unit, you’ll be able to:

  • Explain how to respond to and recover from cybersecurity compliance incidents.
  • Describe how to report internally and externally on compliance risks facing your organization.

Respond to Cybersecurity Compliance Incidents

How your organization responds to incidents related to cybersecurity compliance has a huge impact—not only on your customer’s ability to trust your protection of their data, but also on how authorities with jurisdiction over your organization view your organization’s ability to follow the rules. 

Achieving full compliance to any cybersecurity standard is a journey, but it’s a goal worth striving for. Your organization’s cybersecurity compliance program must continue to evolve to stay ahead of attackers. In fact, planning for incident response is usually a function that’s required in order for your organization’s cybersecurity program to be in compliance with applicable laws, regulations, and standards. You may also be involved in testing the plan to ensure it functions as expected before an incident occurs. 

When an incident occurs, part of your job is to help update your organization’s policies and procedures to enable your organization to better protect itself in the future. You collaborate with the cybersecurity incident response team to investigate and communicate threats. You work with them to identify, remove, and analyze active breach incidents. 

You also plan for how to communicate during an incident in order to be in compliance with applicable laws and regulations. Many countries and industries have data breach notification laws that you must abide by to notify customers or regulatory authorities within a specific time period. To prepare, ask yourself the following questions:

  • How will you communicate internally about the incident with affected technology and business units?
  • How will you coordinate with any third-party services that may have been involved in or impacted by the breach?
  • What are your responsibilities in notifying affected customers?
  • Do you have a responsibility to communicate/coordinate with law enforcement or another outside party?

These are all key considerations for ensuring your incident response process runs smoothly and in compliance with any applicable laws, regulations, and standards.

A cybersecurity compliance analyst communicating with an internal business team, law enforcement, customers, and a vendor in the wake of an incident

Report to Leadership, Regulators, and Auditors

Compliance with applicable cybersecurity laws, regulations, standards, and policies requires a partnership. Part of both incident response and overall management of cybersecurity compliance is reporting to internal leadership and external regulators and auditors on risks facing your organization—and how you are addressing them to stay in compliance. In doing so, you develop standardized assessment responses for auditors and regulators. You support your organization and external auditors by providing requested evidence to support audits and test control effectiveness. If audit deviations are identified, you work with management to validate the accuracy of the findings, provide appropriate responses, and build a plan for remediation of the issues.

With new compliance regulations being issued each year, it’s critical to conduct regular analyses to ensure you meet any changes from the previous audit. You stay informed of new compliance regulations, assist in the assessment of the impact to the organization, and collaborate with impacted teams across your organization to ensure compliance. You also provide recommendations to your risk management and audit teams to improve the effectiveness and efficiency of your risk-based audit program to ensure it’s repeatable, sustainable, and cost-effective.

Knowledge Check

Ready to review what you’ve learned? The following knowledge check isn’t scored—it’s just an easy way to quiz yourself. To get started, drag the description in the left column next to the appropriate True or False area on the right. When you finish moving all the items, click Submit to check your work. If you’d like to start over, click Reset.

Great work!

Sum It Up

In this module, you’ve been introduced to methods for identifying cybersecurity gaps and managing cybersecurity compliance risks. You’ve also learned how to detect changes in your organization’s cybersecurity compliance posture, and how to respond to cybersecurity compliance incidents and findings.

Along with the information you reviewed in the Cybersecurity Compliance Analysis module, you should now have a better understanding of what it takes to be a cybersecurity compliance analyst. You can learn more about the in-demand cybersecurity skills necessary to get a job in cybersecurity compliance analysis, or another field, and learn more from real security practitioners by visiting the Cybersecurity Learning Hub on Trailhead. 

Resources

Compartilhe seu feedback do Trailhead usando a Ajuda do Salesforce.

Queremos saber sobre sua experiência com o Trailhead. Agora você pode acessar o novo formulário de feedback, a qualquer momento, no site Ajuda do Salesforce.

Saiba mais Continue compartilhando feedback