When a breach occurs, having a plan of attack is critical to the risk mitigation and reporting obligations that are often mandated. Whether self-imposed or at the direction of regulators or the court, the breached organization’s compromised data will need to be analyzed, reviewed, and summarized. Effective planning and communication among the various stakeholders will drive efficiencies, reduce costs, and lead to successful completion of the review. This article will prepare you to lead, manage, or contribute after a breach impacts your organization.

After a breach, it is essential to quickly identify the affected data for review. Effective planning, management, and communication with key stakeholders throughout the breach response will be essential to reducing further risk (e.g., financial penalties for missing reporting obligations, reputational harm), compressing time frames, and controlling costs while meeting critical deadlines. The deployment of project management fundamentals such as planning, stakeholder identification, and communication plans are some of the ways you can set yourself up for a successful breach review.