Responsibilities and procedures

Security incident management is the responsibility of the Chief Information Security Officer. Crisis management is the responsibility of the Chief Technical Officer. From a practical viewpoint, a security incident is handled way as a production incident: a task force is assigned to fix the problem. If the situation requires it, regular status reports will be made publicly available on status.jobteaser.com.

Reporting information security events

Depending on the security incident’s nature and gravity, JobTeaser may notify competent authorities or its affected clients within a reasonable time frame.

If a personal data breach occurs, depending on the incident’s nature and gravity, JobTeaser may inform affected users, competent authorities and clients within GDPR’s legally mandated time frame. For more information on how JobTeaser manages personal data, please refer to our Privacy Policy.

Assessment of and decision on information security events

Classification of an incident is done by the task force assigned to the incident. Major decisions are approved either by the CISO or the CTO.

Response to information security incidents

In case of a system alert, events are escalated to our operations and security monitoring. Our employees are trained on security incident response processes, including communication channels and escalation paths.

Learning from information security incidents

All security incidents are recorded and analysed by the CISO. Action plans can result from this analysis.