04:05
ISSUE 5
“To address a lack of information specific to the Payroll Industry on how to react when such incidents occur, the Global Payroll Association’s “Cyber Response: A Toolkit for Payroll Professionals” was released in March to provide a measure of awareness surrounding cyber issues and data breaches.”
Terms used to classify and rate the severity of different types of breaches are introduced, as well as coverage of Incident Response Plans, or data breach crisis plans. Guidance on proper communication channels, who is in charge, what to say, and when to contact and release information often are contained in these documents that will need to be accessible even if systems are down. The toolkit contains several examples of how to notify and what needs to be considered, depending on the type and severity of the incident. Third parties involved in your Payroll, such as your Payroll service provider or others, have their own processes for handling data breaches, compromises, or system outages, and this coordination piece is covered in the toolkit. What happens if the service provider has an issue that should be addressed? What is your role in any remediation activities going forward? The toolkit
To address a lack of information specific to the Payroll Industry on how to react when such incidents occur, the Global Payroll Association’s “Cyber Response: A Toolkit for Payroll Professionals” was released in March to provide a measure of awareness surrounding cyber issues and data breaches. It is available at no cost through the GPA’s White Paper page . Understanding Breach Types and Their Severity This toolkit was developed because the GPA saw a need to reduce the ignorance of the many types of breaches and their corresponding levels of impact on operations, as well as the protocols in place for post-breach remediation. More understanding of these processes means fewer surprises when confronted with an incident. The first part of the toolkit provides the backbone to understanding what your needs are as a Payroll Professional, when and if a breach or a cyberattack or compromise has occurred.
Made with FlippingBook Ebook Creator