Imperial Eminence Cyberguard Corporation · The Ivory Index

Incident Response Policy

Tier IV — Enterprise Governance · Ref: IECC-T4-003 · Version 1.0 · Effective 14 June 2026

Article I — Purpose & Scope

This Incident Response Policy ("Policy") establishes IECC's procedures for detecting, containing, assessing, notifying, and remediating security incidents affecting The Ivory Index Software, associated services, and Customer data. It applies to all IECC personnel and systems involved in Software development and service delivery.

Article II — Incident Classification

Article III — Response Phases

Phase 1 — Detection & Identification

• Security monitoring alerts, user reports, or third-party notifications trigger incident triage
• On-call security contact assesses severity classification within the response target window
• Incident is logged with timestamp, classification, initial assessment, and assigned owner

Phase 2 — Containment

• Short-term containment: Isolate affected systems, revoke compromised credentials, block attack vectors — within response target window
• Long-term containment: Deploy patched systems in parallel; preserve forensic evidence before remediation
• P1/P2 incidents: escalate to IECC leadership and engage external incident response support if required

Phase 3 — Notification

Where the incident involves personal data actually held by IECC (cloud services):

• Affected Customers notified within 72 hours of IECC becoming aware of a personal data breach, in accordance with applicable data protection law
• Notification includes: nature of incident; data categories affected; approximate number of records; likely consequences; measures taken or proposed
• Regulatory notification made where required by applicable law (e.g., GDPR Article 33)
• For local Software incidents outside IECC's control (e.g., User device compromise), IECC provides guidance but cannot directly notify on behalf of Users

Phase 4 — Remediation

• Root cause analysis completed within 14 days of containment
• Permanent fix deployed and verified
• Security controls updated to prevent recurrence
• Post-incident review documented and retained

Phase 5 — Post-Incident Review

• Full incident report produced within 30 days of resolution
• Lessons learned documented and shared with relevant IECC teams
• Security programme updated as warranted
• P1/P2 reports shared with affected Customers upon request (redacted for third-party confidentiality)

Article IV — Reporting

To report a suspected security incident involving IECC systems or The Ivory Index Software, contact: legal@imperialecc.com. Include: description of observed behaviour; affected system or data; timeline; your contact details. IECC will acknowledge all reports within 24 hours.

Article V — Testing

IECC tests incident response procedures at least annually through tabletop exercises or simulated incident scenarios. Results are used to improve detection, response, and communication procedures.

Drafted with the assistance of

Voidlex

Imperial Legal Intelligence · IECC Suite · v2.6

This document was prepared with the assistance of Voidlex, a legal document drafting tool developed by Imperial Eminence Cyberguard Corporation (IECC). Voidlex is a drafting aid only. It does not constitute legal advice, does not practice law, and does not guarantee the legal enforceability of this document in any jurisdiction. Users are strongly encouraged to seek independent legal counsel before relying on this document for commercial, regulatory, or enforcement purposes.

Governing Law — All Disputes Cayman Islands · Grand Court of the Cayman Islands

IECC Registered Operations Planned Cayman Islands registration · pre-incorporation stage

Drafting System Voidlex v2.6 · Imperial Eminence Cyberguard Corporation

TRIBUNEH · IECC Legal Division