Verze: 1.0 | Efektivní od: 1. ledna 2026
1. Účel
Tato směrnice definuje proces řízení bezpečnostních incidentů včetně detekce, response, notification a recovery.
2. Definice incidentu
2.1 Typy incidentů
| Typ | Příklady | Regulace |
|---|
| Data Breach | Únik dat, unauthorized access | GDPR |
| Security Incident | Malware, ransomware, intrusion | NIS2 |
| AI Incident | Bias, hallucination, malfunction | AI Act |
| Availability | DDoS, system failure | NIS2 |
| Compliance | Policy violation | Internal |
2.2 Severity Classification
| Severity | Definice | Response Time | Escalation |
|---|
| Critical | Business critical impact, data breach | <1h | CEO + Board |
| High | Significant impact, potential breach | <4h | C-level |
| Medium | Limited impact, contained | <24h | Management |
| Low | Minimal impact, no data at risk | <72h | Team lead |
3. Incident Response Team (IRT)
3.1 Složení týmu
| Role | Primární | Backup |
|---|
| Incident Commander | CISO | IT Director |
| Technical Lead | Security Engineer | SRE Lead |
| Communications | PR Manager | CEO |
| Legal | CLO | External counsel |
| DPO | DPO | Privacy consultant |
| Business | COO | Department head |
4. Incident Response Process
4.1 Fáze response
%3btext-align:center%3b%7d%23mermaid-0 .edgeLabel p%7bbackground-color:rgba(232%2c232%2c232%2c 0.8)%3b%7d%23mermaid-0 .edgeLabel rect%7bopacity:0.5%3bbackground-color:rgba(232%2c232%2c232%2c 0.8)%3bfill:rgba(232%2c232%2c232%2c 0.8)%3b%7d%23mermaid-0 .labelBkg%7bbackground-color:rgba(232%2c 232%2c 232%2c 0.5)%3b%7d%23mermaid-0 .cluster rect%7bfill:%23ffffde%3bstroke:%23aaaa33%3bstroke-width:1px%3b%7d%23mermaid-0 .cluster text%7bfill:%23333%3b%7d%23mermaid-0 .cluster span%7bcolor:%23333%3b%7d%23mermaid-0 div.mermaidTooltip%7bposition:absolute%3btext-align:center%3bmax-width:200px%3bpadding:2px%3bfont-family:arial%2csans-serif%3bfont-size:12px%3bbackground:hsl(80%2c 100%25%2c 96.2745098039%25)%3bborder:1px solid %23aaaa33%3bborder-radius:2px%3bpointer-events:none%3bz-index:100%3b%7d%23mermaid-0 .flowchartTitleText%7btext-anchor:middle%3bfont-size:18px%3bfill:%23333%3b%7d%23mermaid-0 rect.text%7bfill:none%3bstroke-width:0%3b%7d%23mermaid-0 .icon-shape%2c%23mermaid-0 .image-shape%7bbackground-color:rgba(232%2c232%2c232%2c 0.8)%3btext-align:center%3b%7d%23mermaid-0 .icon-shape p%2c%23mermaid-0 .image-shape p%7bbackground-color:rgba(232%2c232%2c232%2c 0.8)%3bpadding:2px%3b%7d%23mermaid-0 .icon-shape .label rect%2c%23mermaid-0 .image-shape .label rect%7bopacity:0.5%3bbackground-color:rgba(232%2c232%2c232%2c 0.8)%3bfill:rgba(232%2c232%2c232%2c 0.8)%3b%7d%23mermaid-0 .label-icon%7bdisplay:inline-block%3bheight:1em%3boverflow:visible%3bvertical-align:-0.125em%3b%7d%23mermaid-0 .node .label-icon path%7bfill:currentColor%3bstroke:revert%3bstroke-width:revert%3b%7d%23mermaid-0 :root%7b--mermaid-font-family:arial%2csans-serif%3b%7d%3c/style%3e%3cg%3e%3cmarker id='mermaid-0_flowchart-v2-pointEnd' class='marker flowchart-v2' viewBox='0 0 10 10' refX='5' refY='5' markerUnits='userSpaceOnUse' markerWidth='8' markerHeight='8' orient='auto'%3e%3cpath d='M 0 0 L 10 5 L 0 10 z' class='arrowMarkerPath' style='stroke-width: 1%3b stroke-dasharray: 1%2c 0%3b'/%3e%3c/marker%3e%3cmarker id='mermaid-0_flowchart-v2-pointStart' class='marker flowchart-v2' viewBox='0 0 10 10' refX='4.5' refY='5' markerUnits='userSpaceOnUse' markerWidth='8' markerHeight='8' orient='auto'%3e%3cpath d='M 0 5 L 10 10 L 10 0 z' class='arrowMarkerPath' style='stroke-width: 1%3b stroke-dasharray: 1%2c 0%3b'/%3e%3c/marker%3e%3cmarker id='mermaid-0_flowchart-v2-circleEnd' class='marker flowchart-v2' viewBox='0 0 10 10' refX='11' refY='5' markerUnits='userSpaceOnUse' markerWidth='11' markerHeight='11' orient='auto'%3e%3ccircle cx='5' cy='5' r='5' class='arrowMarkerPath' style='stroke-width: 1%3b stroke-dasharray: 1%2c 0%3b'/%3e%3c/marker%3e%3cmarker id='mermaid-0_flowchart-v2-circleStart' class='marker flowchart-v2' viewBox='0 0 10 10' refX='-1' refY='5' markerUnits='userSpaceOnUse' markerWidth='11' markerHeight='11' orient='auto'%3e%3ccircle cx='5' cy='5' r='5' class='arrowMarkerPath' style='stroke-width: 1%3b stroke-dasharray: 1%2c 0%3b'/%3e%3c/marker%3e%3cmarker id='mermaid-0_flowchart-v2-crossEnd' class='marker cross flowchart-v2' viewBox='0 0 11 11' refX='12' refY='5.2' markerUnits='userSpaceOnUse' markerWidth='11' markerHeight='11' orient='auto'%3e%3cpath d='M 1%2c1 l 9%2c9 M 10%2c1 l -9%2c9' class='arrowMarkerPath' style='stroke-width: 2%3b stroke-dasharray: 1%2c 0%3b'/%3e%3c/marker%3e%3cmarker id='mermaid-0_flowchart-v2-crossStart' class='marker cross flowchart-v2' viewBox='0 0 11 11' refX='-1' refY='5.2' markerUnits='userSpaceOnUse' markerWidth='11' markerHeight='11' orient='auto'%3e%3cpath d='M 1%2c1 l 9%2c9 M 10%2c1 l -9%2c9' class='arrowMarkerPath' style='stroke-width: 2%3b stroke-dasharray: 1%2c 0%3b'/%3e%3c/marker%3e%3cg class='root'%3e%3cg class='clusters'/%3e%3cg class='edgePaths'%3e%3cpath d='M138%2c206L138%2c210.167C138%2c214.333%2c138%2c222.667%2c138%2c230.333C138%2c238%2c138%2c245%2c138%2c248.5L138%2c252' id='L_D_T_0' class='edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link' style='%3b' data-edge='true' data-et='edge' data-id='L_D_T_0' data-points='W3sieCI6MTM4LCJ5IjoyMDZ9LHsieCI6MTM4LCJ5IjoyMzF9LHsieCI6MTM4LCJ5IjoyNTZ9XQ==' marker-end='url(%23mermaid-0_flowchart-v2-pointEnd)'/%3e%3cpath d='M138%2c430L138%2c434.167C138%2c438.333%2c138%2c446.667%2c138%2c454.333C138%2c462%2c138%2c469%2c138%2c472.5L138%2c476' id='L_T_C_0' class='edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link' style='%3b' data-edge='true' data-et='edge' data-id='L_T_C_0' data-points='W3sieCI6MTM4LCJ5Ijo0MzB9LHsieCI6MTM4LCJ5Ijo0NTV9LHsieCI6MTM4LCJ5Ijo0ODB9XQ==' marker-end='url(%23mermaid-0_flowchart-v2-pointEnd)'/%3e%3cpath d='M138%2c654L138%2c658.167C138%2c662.333%2c138%2c670.667%2c138%2c678.333C138%2c686%2c138%2c693%2c138%2c696.5L138%2c700' id='L_C_E_0' class='edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link' style='%3b' data-edge='true' data-et='edge' data-id='L_C_E_0' data-points='W3sieCI6MTM4LCJ5Ijo2NTR9LHsieCI6MTM4LCJ5Ijo2Nzl9LHsieCI6MTM4LCJ5Ijo3MDR9XQ==' marker-end='url(%23mermaid-0_flowchart-v2-pointEnd)'/%3e%3cpath d='M138%2c854L138%2c858.167C138%2c862.333%2c138%2c870.667%2c138%2c878.333C138%2c886%2c138%2c893%2c138%2c896.5L138%2c900' id='L_E_R_0' class='edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link' style='%3b' data-edge='true' data-et='edge' data-id='L_E_R_0' data-points='W3sieCI6MTM4LCJ5Ijo4NTR9LHsieCI6MTM4LCJ5Ijo4Nzl9LHsieCI6MTM4LCJ5Ijo5MDR9XQ==' marker-end='url(%23mermaid-0_flowchart-v2-pointEnd)'/%3e%3cpath d='M138%2c1054L138%2c1058.167C138%2c1062.333%2c138%2c1070.667%2c138%2c1078.333C138%2c1086%2c138%2c1093%2c138%2c1096.5L138%2c1100' id='L_R_P_0' class='edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link' style='%3b' data-edge='true' data-et='edge' data-id='L_R_P_0' data-points='W3sieCI6MTM4LCJ5IjoxMDU0fSx7IngiOjEzOCwieSI6MTA3OX0seyJ4IjoxMzgsInkiOjExMDR9XQ==' marker-end='url(%23mermaid-0_flowchart-v2-pointEnd)'/%3e%3c/g%3e%3cg class='edgeLabels'%3e%3cg class='edgeLabel'%3e%3cg class='label' data-id='L_D_T_0' transform='translate(0%2c 0)'%3e%3cforeignObject width='0' height='0'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' class='labelBkg' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='edgeLabel'%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='edgeLabel'%3e%3cg class='label' data-id='L_T_C_0' transform='translate(0%2c 0)'%3e%3cforeignObject width='0' height='0'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' class='labelBkg' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='edgeLabel'%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='edgeLabel'%3e%3cg class='label' data-id='L_C_E_0' transform='translate(0%2c 0)'%3e%3cforeignObject width='0' height='0'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' class='labelBkg' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='edgeLabel'%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='edgeLabel'%3e%3cg class='label' data-id='L_E_R_0' transform='translate(0%2c 0)'%3e%3cforeignObject width='0' height='0'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' class='labelBkg' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='edgeLabel'%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='edgeLabel'%3e%3cg class='label' data-id='L_R_P_0' transform='translate(0%2c 0)'%3e%3cforeignObject width='0' height='0'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' class='labelBkg' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='edgeLabel'%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3c/g%3e%3cg class='nodes'%3e%3cg class='node default' id='flowchart-D-0' transform='translate(138%2c 107)'%3e%3crect class='basic label-container' style='' x='-130' y='-99' width='260' height='198'/%3e%3cg class='label' style='' transform='translate(-100%2c -84)'%3e%3crect/%3e%3cforeignObject width='200' height='168'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' style='display: table%3b white-space: break-spaces%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b width: 200px%3b'%3e%3cspan class='nodeLabel'%3e%3cp%3e1. DETECTION %26amp%3b REPORTING%3cbr /%3eAutomated alerts %e2%80%94 SIEM%2c monitoring%3cbr /%3eUser reports %7c Third-party notification%3cbr /%3eThreat intelligence%3c/p%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='node default' id='flowchart-T-2' transform='translate(138%2c 343)'%3e%3crect class='basic label-container' style='' x='-130' y='-87' width='260' height='174'/%3e%3cg class='label' style='' transform='translate(-100%2c -72)'%3e%3crect/%3e%3cforeignObject width='200' height='144'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' style='display: table%3b white-space: break-spaces%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b width: 200px%3b'%3e%3cspan class='nodeLabel'%3e%3cp%3e2. TRIAGE %26amp%3b CLASSIFICATION%3cbr /%3eInitial assessment %7c Severity assignment%3cbr /%3eIRT activation %7c Incident ticket creation%3c/p%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='node default' id='flowchart-C-4' transform='translate(138%2c 567)'%3e%3crect class='basic label-container' style='' x='-130' y='-87' width='260' height='174'/%3e%3cg class='label' style='' transform='translate(-100%2c -72)'%3e%3crect/%3e%3cforeignObject width='200' height='144'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' style='display: table%3b white-space: break-spaces%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b width: 200px%3b'%3e%3cspan class='nodeLabel'%3e%3cp%3e3. CONTAINMENT%3cbr /%3eImmediate containment %e2%80%94 stop bleeding%3cbr /%3eShort-term containment %e2%80%94 isolate%3cbr /%3eEvidence preservation%3c/p%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='node default' id='flowchart-E-6' transform='translate(138%2c 779)'%3e%3crect class='basic label-container' style='' x='-130' y='-75' width='260' height='150'/%3e%3cg class='label' style='' transform='translate(-100%2c -60)'%3e%3crect/%3e%3cforeignObject width='200' height='120'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' style='display: table%3b white-space: break-spaces%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b width: 200px%3b'%3e%3cspan class='nodeLabel'%3e%3cp%3e4. ERADICATION%3cbr /%3eRoot cause identification%3cbr /%3eMalware removal %7c Vulnerability patching%3cbr /%3eSystem hardening%3c/p%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='node default' id='flowchart-R-8' transform='translate(138%2c 979)'%3e%3crect class='basic label-container' style='' x='-130' y='-75' width='260' height='150'/%3e%3cg class='label' style='' transform='translate(-100%2c -60)'%3e%3crect/%3e%3cforeignObject width='200' height='120'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' style='display: table%3b white-space: break-spaces%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b width: 200px%3b'%3e%3cspan class='nodeLabel'%3e%3cp%3e5. RECOVERY%3cbr /%3eSystem restoration %7c Service validation%3cbr /%3eMonitoring increase%3cbr /%3eGradual return to normal%3c/p%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='node default' id='flowchart-P-10' transform='translate(138%2c 1179)'%3e%3crect class='basic label-container' style='' x='-130' y='-75' width='260' height='150'/%3e%3cg class='label' style='' transform='translate(-100%2c -60)'%3e%3crect/%3e%3cforeignObject width='200' height='120'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' style='display: table%3b white-space: break-spaces%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b width: 200px%3b'%3e%3cspan class='nodeLabel'%3e%3cp%3e6. POST-INCIDENT%3cbr /%3ePost-mortem analysis %7c Lessons learned%3cbr /%3eProcess improvement %7c Documentation%3c/p%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3c/g%3e%3c/g%3e%3c/g%3e%3c/svg%3e)
5. Notification Requirements
5.1 Internal Notification
| Severity | Notify | Timeline |
|---|
| Critical | CEO, Board, All C-level | Immediate |
| High | CISO, CTO, relevant C-level | <1h |
| Medium | CISO, Team leads | <4h |
| Low | CISO | <24h |
5.2 External Notification (Regulatory)
| Regulace | Autorita | Timeline | Trigger |
|---|
| GDPR | ÚOOÚ | 72h | Personal data breach |
| NIS2 | NÚKIB | 24h (initial), 72h (full) | Significant incident |
| AI Act | – | Document | AI incident |
5.3 Notification Templates
Initial Notification (24h) - NÚKIB:
- Incident ID
- Detection time
- Affected systems
- Initial assessment
- Containment status
- Contact info
Full Report (72h) - ÚOOÚ:
- Nature of breach
- Categories of data
- Number of subjects
- Likely consequences
- Measures taken
- DPO contact
6. Data Breach Specific Process
6.1 Data Breach Assessment
Data Breach Checklist:
6.2 Subject Notification Criteria
Notifikovat subjekty pokud:
- Vysoké riziko pro práva a svobody
- Nešifrovaná citlivá data
- Financial data exposed
- Health data exposed
- Credentials exposed (plaintext)
6.3 Subject Notification Content
- Co se stalo (bez technických detailů)
- Jaká data byla dotčena
- Jaké je riziko
- Co děláme
- Co můžete udělat vy
- Kontakt na DPO
7. AI Incident Specific Process
7.1 AI Incident Types
| Typ | Příklad | Severity |
|---|
| Bias | Discriminatory outputs | High |
| Hallucination | Factually incorrect | Medium |
| Privacy leak | PII in outputs | Critical |
| Malfunction | System not working | Medium |
| Adversarial | Model manipulation | High |
7.2 AI Incident Response
%3btext-align:center%3b%7d%23mermaid-1 .edgeLabel p%7bbackground-color:rgba(232%2c232%2c232%2c 0.8)%3b%7d%23mermaid-1 .edgeLabel rect%7bopacity:0.5%3bbackground-color:rgba(232%2c232%2c232%2c 0.8)%3bfill:rgba(232%2c232%2c232%2c 0.8)%3b%7d%23mermaid-1 .labelBkg%7bbackground-color:rgba(232%2c 232%2c 232%2c 0.5)%3b%7d%23mermaid-1 .cluster rect%7bfill:%23ffffde%3bstroke:%23aaaa33%3bstroke-width:1px%3b%7d%23mermaid-1 .cluster text%7bfill:%23333%3b%7d%23mermaid-1 .cluster span%7bcolor:%23333%3b%7d%23mermaid-1 div.mermaidTooltip%7bposition:absolute%3btext-align:center%3bmax-width:200px%3bpadding:2px%3bfont-family:arial%2csans-serif%3bfont-size:12px%3bbackground:hsl(80%2c 100%25%2c 96.2745098039%25)%3bborder:1px solid %23aaaa33%3bborder-radius:2px%3bpointer-events:none%3bz-index:100%3b%7d%23mermaid-1 .flowchartTitleText%7btext-anchor:middle%3bfont-size:18px%3bfill:%23333%3b%7d%23mermaid-1 rect.text%7bfill:none%3bstroke-width:0%3b%7d%23mermaid-1 .icon-shape%2c%23mermaid-1 .image-shape%7bbackground-color:rgba(232%2c232%2c232%2c 0.8)%3btext-align:center%3b%7d%23mermaid-1 .icon-shape p%2c%23mermaid-1 .image-shape p%7bbackground-color:rgba(232%2c232%2c232%2c 0.8)%3bpadding:2px%3b%7d%23mermaid-1 .icon-shape .label rect%2c%23mermaid-1 .image-shape .label rect%7bopacity:0.5%3bbackground-color:rgba(232%2c232%2c232%2c 0.8)%3bfill:rgba(232%2c232%2c232%2c 0.8)%3b%7d%23mermaid-1 .label-icon%7bdisplay:inline-block%3bheight:1em%3boverflow:visible%3bvertical-align:-0.125em%3b%7d%23mermaid-1 .node .label-icon path%7bfill:currentColor%3bstroke:revert%3bstroke-width:revert%3b%7d%23mermaid-1 :root%7b--mermaid-font-family:arial%2csans-serif%3b%7d%3c/style%3e%3cg%3e%3cmarker id='mermaid-1_flowchart-v2-pointEnd' class='marker flowchart-v2' viewBox='0 0 10 10' refX='5' refY='5' markerUnits='userSpaceOnUse' markerWidth='8' markerHeight='8' orient='auto'%3e%3cpath d='M 0 0 L 10 5 L 0 10 z' class='arrowMarkerPath' style='stroke-width: 1%3b stroke-dasharray: 1%2c 0%3b'/%3e%3c/marker%3e%3cmarker id='mermaid-1_flowchart-v2-pointStart' class='marker flowchart-v2' viewBox='0 0 10 10' refX='4.5' refY='5' markerUnits='userSpaceOnUse' markerWidth='8' markerHeight='8' orient='auto'%3e%3cpath d='M 0 5 L 10 10 L 10 0 z' class='arrowMarkerPath' style='stroke-width: 1%3b stroke-dasharray: 1%2c 0%3b'/%3e%3c/marker%3e%3cmarker id='mermaid-1_flowchart-v2-circleEnd' class='marker flowchart-v2' viewBox='0 0 10 10' refX='11' refY='5' markerUnits='userSpaceOnUse' markerWidth='11' markerHeight='11' orient='auto'%3e%3ccircle cx='5' cy='5' r='5' class='arrowMarkerPath' style='stroke-width: 1%3b stroke-dasharray: 1%2c 0%3b'/%3e%3c/marker%3e%3cmarker id='mermaid-1_flowchart-v2-circleStart' class='marker flowchart-v2' viewBox='0 0 10 10' refX='-1' refY='5' markerUnits='userSpaceOnUse' markerWidth='11' markerHeight='11' orient='auto'%3e%3ccircle cx='5' cy='5' r='5' class='arrowMarkerPath' style='stroke-width: 1%3b stroke-dasharray: 1%2c 0%3b'/%3e%3c/marker%3e%3cmarker id='mermaid-1_flowchart-v2-crossEnd' class='marker cross flowchart-v2' viewBox='0 0 11 11' refX='12' refY='5.2' markerUnits='userSpaceOnUse' markerWidth='11' markerHeight='11' orient='auto'%3e%3cpath d='M 1%2c1 l 9%2c9 M 10%2c1 l -9%2c9' class='arrowMarkerPath' style='stroke-width: 2%3b stroke-dasharray: 1%2c 0%3b'/%3e%3c/marker%3e%3cmarker id='mermaid-1_flowchart-v2-crossStart' class='marker cross flowchart-v2' viewBox='0 0 11 11' refX='-1' refY='5.2' markerUnits='userSpaceOnUse' markerWidth='11' markerHeight='11' orient='auto'%3e%3cpath d='M 1%2c1 l 9%2c9 M 10%2c1 l -9%2c9' class='arrowMarkerPath' style='stroke-width: 2%3b stroke-dasharray: 1%2c 0%3b'/%3e%3c/marker%3e%3cg class='root'%3e%3cg class='clusters'/%3e%3cg class='edgePaths'%3e%3cpath d='M452.125%2c62L452.125%2c66.167C452.125%2c70.333%2c452.125%2c78.667%2c452.125%2c86.333C452.125%2c94%2c452.125%2c101%2c452.125%2c104.5L452.125%2c108' id='L_A_B_0' class='edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link' style='%3b' data-edge='true' data-et='edge' data-id='L_A_B_0' data-points='W3sieCI6NDUyLjEyNSwieSI6NjJ9LHsieCI6NDUyLjEyNSwieSI6ODd9LHsieCI6NDUyLjEyNSwieSI6MTEyfV0=' marker-end='url(%23mermaid-1_flowchart-v2-pointEnd)'/%3e%3cpath d='M452.125%2c166L452.125%2c170.167C452.125%2c174.333%2c452.125%2c182.667%2c452.125%2c190.333C452.125%2c198%2c452.125%2c205%2c452.125%2c208.5L452.125%2c212' id='L_B_C_0' class='edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link' style='%3b' data-edge='true' data-et='edge' data-id='L_B_C_0' data-points='W3sieCI6NDUyLjEyNSwieSI6MTY2fSx7IngiOjQ1Mi4xMjUsInkiOjE5MX0seyJ4Ijo0NTIuMTI1LCJ5IjoyMTZ9XQ==' marker-end='url(%23mermaid-1_flowchart-v2-pointEnd)'/%3e%3cpath d='M452.125%2c294L452.125%2c298.167C452.125%2c302.333%2c452.125%2c310.667%2c452.125%2c318.333C452.125%2c326%2c452.125%2c333%2c452.125%2c336.5L452.125%2c340' id='L_C_D_0' class='edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link' style='%3b' data-edge='true' data-et='edge' data-id='L_C_D_0' data-points='W3sieCI6NDUyLjEyNSwieSI6Mjk0fSx7IngiOjQ1Mi4xMjUsInkiOjMxOX0seyJ4Ijo0NTIuMTI1LCJ5IjozNDR9XQ==' marker-end='url(%23mermaid-1_flowchart-v2-pointEnd)'/%3e%3cpath d='M350.531%2c386.43L310.401%2c392.525C270.271%2c398.62%2c190.01%2c410.81%2c149.88%2c420.405C109.75%2c430%2c109.75%2c437%2c109.75%2c440.5L109.75%2c444' id='L_D_D1_0' class='edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link' style='%3b' data-edge='true' data-et='edge' data-id='L_D_D1_0' data-points='W3sieCI6MzUwLjUzMTI1LCJ5IjozODYuNDMwMDgzOTcyMjUyNjV9LHsieCI6MTA5Ljc1LCJ5Ijo0MjN9LHsieCI6MTA5Ljc1LCJ5Ijo0NDh9XQ==' marker-end='url(%23mermaid-1_flowchart-v2-pointEnd)'/%3e%3cpath d='M393.2%2c398L384.107%2c402.167C375.014%2c406.333%2c356.827%2c414.667%2c347.734%2c422.333C338.641%2c430%2c338.641%2c437%2c338.641%2c440.5L338.641%2c444' id='L_D_D2_0' class='edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link' style='%3b' data-edge='true' data-et='edge' data-id='L_D_D2_0' data-points='W3sieCI6MzkzLjIwMDQyMDY3MzA3NjksInkiOjM5OH0seyJ4IjozMzguNjQwNjI1LCJ5Ijo0MjN9LHsieCI6MzM4LjY0MDYyNSwieSI6NDQ4fV0=' marker-end='url(%23mermaid-1_flowchart-v2-pointEnd)'/%3e%3cpath d='M511.05%2c398L520.143%2c402.167C529.236%2c406.333%2c547.423%2c414.667%2c556.516%2c422.333C565.609%2c430%2c565.609%2c437%2c565.609%2c440.5L565.609%2c444' id='L_D_D3_0' class='edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link' style='%3b' data-edge='true' data-et='edge' data-id='L_D_D3_0' data-points='W3sieCI6NTExLjA0OTU3OTMyNjkyMzEsInkiOjM5OH0seyJ4Ijo1NjUuNjA5Mzc1LCJ5Ijo0MjN9LHsieCI6NTY1LjYwOTM3NSwieSI6NDQ4fV0=' marker-end='url(%23mermaid-1_flowchart-v2-pointEnd)'/%3e%3cpath d='M553.719%2c385.82L596.198%2c392.017C638.677%2c398.213%2c723.635%2c410.607%2c766.115%2c420.303C808.594%2c430%2c808.594%2c437%2c808.594%2c440.5L808.594%2c444' id='L_D_D4_0' class='edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link' style='%3b' data-edge='true' data-et='edge' data-id='L_D_D4_0' data-points='W3sieCI6NTUzLjcxODc1LCJ5IjozODUuODIwMDIyNzkzMDIxODV9LHsieCI6ODA4LjU5Mzc1LCJ5Ijo0MjN9LHsieCI6ODA4LjU5Mzc1LCJ5Ijo0NDh9XQ==' marker-end='url(%23mermaid-1_flowchart-v2-pointEnd)'/%3e%3cpath d='M109.75%2c502L109.75%2c506.167C109.75%2c510.333%2c109.75%2c518.667%2c155.707%2c529.813C201.664%2c540.96%2c293.577%2c554.92%2c339.534%2c561.9L385.491%2c568.88' id='L_D1_E_0' class='edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link' style='%3b' data-edge='true' data-et='edge' data-id='L_D1_E_0' data-points='W3sieCI6MTA5Ljc1LCJ5Ijo1MDJ9LHsieCI6MTA5Ljc1LCJ5Ijo1Mjd9LHsieCI6Mzg5LjQ0NTMxMjUsInkiOjU2OS40ODAxOTM1MDEyNzc5fV0=' marker-end='url(%23mermaid-1_flowchart-v2-pointEnd)'/%3e%3cpath d='M338.641%2c502L338.641%2c506.167C338.641%2c510.333%2c338.641%2c518.667%2c347.128%2c526.722C355.615%2c534.778%2c372.59%2c542.556%2c381.077%2c546.445L389.564%2c550.334' id='L_D2_E_0' class='edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link' style='%3b' data-edge='true' data-et='edge' data-id='L_D2_E_0' data-points='W3sieCI6MzM4LjY0MDYyNSwieSI6NTAyfSx7IngiOjMzOC42NDA2MjUsInkiOjUyN30seyJ4IjozOTMuMjAwNDIwNjczMDc2OSwieSI6NTUyfV0=' marker-end='url(%23mermaid-1_flowchart-v2-pointEnd)'/%3e%3cpath d='M565.609%2c502L565.609%2c506.167C565.609%2c510.333%2c565.609%2c518.667%2c557.122%2c526.722C548.635%2c534.778%2c531.66%2c542.556%2c523.173%2c546.445L514.686%2c550.334' id='L_D3_E_0' class='edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link' style='%3b' data-edge='true' data-et='edge' data-id='L_D3_E_0' data-points='W3sieCI6NTY1LjYwOTM3NSwieSI6NTAyfSx7IngiOjU2NS42MDkzNzUsInkiOjUyN30seyJ4Ijo1MTEuMDQ5NTc5MzI2OTIzMSwieSI6NTUyfV0=' marker-end='url(%23mermaid-1_flowchart-v2-pointEnd)'/%3e%3cpath d='M808.594%2c502L808.594%2c506.167C808.594%2c510.333%2c808.594%2c518.667%2c760.289%2c529.88C711.983%2c541.093%2c615.373%2c555.186%2c567.068%2c562.233L518.763%2c569.279' id='L_D4_E_0' class='edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link' style='%3b' data-edge='true' data-et='edge' data-id='L_D4_E_0' data-points='W3sieCI6ODA4LjU5Mzc1LCJ5Ijo1MDJ9LHsieCI6ODA4LjU5Mzc1LCJ5Ijo1Mjd9LHsieCI6NTE0LjgwNDY4NzUsInkiOjU2OS44NTY1NzkyOTM0MTYzfV0=' marker-end='url(%23mermaid-1_flowchart-v2-pointEnd)'/%3e%3cpath d='M452.125%2c606L452.125%2c610.167C452.125%2c614.333%2c452.125%2c622.667%2c452.125%2c630.333C452.125%2c638%2c452.125%2c645%2c452.125%2c648.5L452.125%2c652' id='L_E_F_0' class='edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link' style='%3b' data-edge='true' data-et='edge' data-id='L_E_F_0' data-points='W3sieCI6NDUyLjEyNSwieSI6NjA2fSx7IngiOjQ1Mi4xMjUsInkiOjYzMX0seyJ4Ijo0NTIuMTI1LCJ5Ijo2NTZ9XQ==' marker-end='url(%23mermaid-1_flowchart-v2-pointEnd)'/%3e%3cpath d='M452.125%2c710L452.125%2c714.167C452.125%2c718.333%2c452.125%2c726.667%2c452.125%2c734.333C452.125%2c742%2c452.125%2c749%2c452.125%2c752.5L452.125%2c756' id='L_F_G_0' class='edge-thickness-normal edge-pattern-solid edge-thickness-normal edge-pattern-solid flowchart-link' style='%3b' data-edge='true' data-et='edge' data-id='L_F_G_0' data-points='W3sieCI6NDUyLjEyNSwieSI6NzEwfSx7IngiOjQ1Mi4xMjUsInkiOjczNX0seyJ4Ijo0NTIuMTI1LCJ5Ijo3NjB9XQ==' marker-end='url(%23mermaid-1_flowchart-v2-pointEnd)'/%3e%3c/g%3e%3cg class='edgeLabels'%3e%3cg class='edgeLabel'%3e%3cg class='label' data-id='L_A_B_0' transform='translate(0%2c 0)'%3e%3cforeignObject width='0' height='0'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' class='labelBkg' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='edgeLabel'%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='edgeLabel'%3e%3cg class='label' data-id='L_B_C_0' transform='translate(0%2c 0)'%3e%3cforeignObject width='0' height='0'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' class='labelBkg' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='edgeLabel'%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='edgeLabel'%3e%3cg class='label' data-id='L_C_D_0' transform='translate(0%2c 0)'%3e%3cforeignObject width='0' height='0'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' class='labelBkg' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='edgeLabel'%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='edgeLabel'%3e%3cg class='label' data-id='L_D_D1_0' transform='translate(0%2c 0)'%3e%3cforeignObject width='0' height='0'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' class='labelBkg' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='edgeLabel'%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='edgeLabel'%3e%3cg class='label' data-id='L_D_D2_0' transform='translate(0%2c 0)'%3e%3cforeignObject width='0' height='0'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' class='labelBkg' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='edgeLabel'%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='edgeLabel'%3e%3cg class='label' data-id='L_D_D3_0' transform='translate(0%2c 0)'%3e%3cforeignObject width='0' height='0'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' class='labelBkg' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='edgeLabel'%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='edgeLabel'%3e%3cg class='label' data-id='L_D_D4_0' transform='translate(0%2c 0)'%3e%3cforeignObject width='0' height='0'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' class='labelBkg' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='edgeLabel'%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='edgeLabel'%3e%3cg class='label' data-id='L_D1_E_0' transform='translate(0%2c 0)'%3e%3cforeignObject width='0' height='0'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' class='labelBkg' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='edgeLabel'%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='edgeLabel'%3e%3cg class='label' data-id='L_D2_E_0' transform='translate(0%2c 0)'%3e%3cforeignObject width='0' height='0'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' class='labelBkg' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='edgeLabel'%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='edgeLabel'%3e%3cg class='label' data-id='L_D3_E_0' transform='translate(0%2c 0)'%3e%3cforeignObject width='0' height='0'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' class='labelBkg' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='edgeLabel'%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='edgeLabel'%3e%3cg class='label' data-id='L_D4_E_0' transform='translate(0%2c 0)'%3e%3cforeignObject width='0' height='0'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' class='labelBkg' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='edgeLabel'%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='edgeLabel'%3e%3cg class='label' data-id='L_E_F_0' transform='translate(0%2c 0)'%3e%3cforeignObject width='0' height='0'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' class='labelBkg' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='edgeLabel'%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='edgeLabel'%3e%3cg class='label' data-id='L_F_G_0' transform='translate(0%2c 0)'%3e%3cforeignObject width='0' height='0'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' class='labelBkg' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='edgeLabel'%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3c/g%3e%3cg class='nodes'%3e%3cg class='node default' id='flowchart-A-0' transform='translate(452.125%2c 35)'%3e%3crect class='basic label-container' style='' x='-100.71875' y='-27' width='201.4375' height='54'/%3e%3cg class='label' style='' transform='translate(-70.71875%2c -12)'%3e%3crect/%3e%3cforeignObject width='141.4375' height='24'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='nodeLabel'%3e%3cp%3eAI Incident detected%3c/p%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='node default' id='flowchart-B-1' transform='translate(452.125%2c 139)'%3e%3crect class='basic label-container' style='' x='-126.3515625' y='-27' width='252.703125' height='54'/%3e%3cg class='label' style='' transform='translate(-96.3515625%2c -12)'%3e%3crect/%3e%3cforeignObject width='192.703125' height='24'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='nodeLabel'%3e%3cp%3eDisable/rollback affected AI%3c/p%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='node default' id='flowchart-C-3' transform='translate(452.125%2c 255)'%3e%3crect class='basic label-container' style='' x='-130' y='-39' width='260' height='78'/%3e%3cg class='label' style='' transform='translate(-100%2c -24)'%3e%3crect/%3e%3cforeignObject width='200' height='48'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' style='display: table%3b white-space: break-spaces%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b width: 200px%3b'%3e%3cspan class='nodeLabel'%3e%3cp%3ePreserve evidence %e2%80%94 logs%2c outputs%3c/p%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='node default' id='flowchart-D-5' transform='translate(452.125%2c 371)'%3e%3crect class='basic label-container' style='' x='-101.59375' y='-27' width='203.1875' height='54'/%3e%3cg class='label' style='' transform='translate(-71.59375%2c -12)'%3e%3crect/%3e%3cforeignObject width='143.1875' height='24'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='nodeLabel'%3e%3cp%3eRoot cause analysis%3c/p%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='node default' id='flowchart-D1-7' transform='translate(109.75%2c 475)'%3e%3crect class='basic label-container' style='' x='-101.75' y='-27' width='203.5' height='54'/%3e%3cg class='label' style='' transform='translate(-71.75%2c -12)'%3e%3crect/%3e%3cforeignObject width='143.5' height='24'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='nodeLabel'%3e%3cp%3eTraining data issue%3f%3c/p%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='node default' id='flowchart-D2-9' transform='translate(338.640625%2c 475)'%3e%3crect class='basic label-container' style='' x='-77.140625' y='-27' width='154.28125' height='54'/%3e%3cg class='label' style='' transform='translate(-47.140625%2c -12)'%3e%3crect/%3e%3cforeignObject width='94.28125' height='24'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='nodeLabel'%3e%3cp%3eModel issue%3f%3c/p%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='node default' id='flowchart-D3-11' transform='translate(565.609375%2c 475)'%3e%3crect class='basic label-container' style='' x='-99.828125' y='-27' width='199.65625' height='54'/%3e%3cg class='label' style='' transform='translate(-69.828125%2c -12)'%3e%3crect/%3e%3cforeignObject width='139.65625' height='24'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='nodeLabel'%3e%3cp%3eInput manipulation%3f%3c/p%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='node default' id='flowchart-D4-13' transform='translate(808.59375%2c 475)'%3e%3crect class='basic label-container' style='' x='-93.15625' y='-27' width='186.3125' height='54'/%3e%3cg class='label' style='' transform='translate(-63.15625%2c -12)'%3e%3crect/%3e%3cforeignObject width='126.3125' height='24'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='nodeLabel'%3e%3cp%3eIntegration issue%3f%3c/p%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='node default' id='flowchart-E-18' transform='translate(452.125%2c 579)'%3e%3crect class='basic label-container' style='' x='-62.6796875' y='-27' width='125.359375' height='54'/%3e%3cg class='label' style='' transform='translate(-32.6796875%2c -12)'%3e%3crect/%3e%3cforeignObject width='65.359375' height='24'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='nodeLabel'%3e%3cp%3eFix %2b test%3c/p%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='node default' id='flowchart-F-20' transform='translate(452.125%2c 683)'%3e%3crect class='basic label-container' style='' x='-94.484375' y='-27' width='188.96875' height='54'/%3e%3cg class='label' style='' transform='translate(-64.484375%2c -12)'%3e%3crect/%3e%3cforeignObject width='128.96875' height='24'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='nodeLabel'%3e%3cp%3eGradual re-enable%3c/p%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3cg class='node default' id='flowchart-G-22' transform='translate(452.125%2c 787)'%3e%3crect class='basic label-container' style='' x='-124.71875' y='-27' width='249.4375' height='54'/%3e%3cg class='label' style='' transform='translate(-94.71875%2c -12)'%3e%3crect/%3e%3cforeignObject width='189.4375' height='24'%3e%3cdiv xmlns='http://www.w3.org/1999/xhtml' style='display: table-cell%3b white-space: nowrap%3b line-height: 1.5%3b max-width: 200px%3b text-align: center%3b'%3e%3cspan class='nodeLabel'%3e%3cp%3eDocument lessons learned%3c/p%3e%3c/span%3e%3c/div%3e%3c/foreignObject%3e%3c/g%3e%3c/g%3e%3c/g%3e%3c/g%3e%3c/g%3e%3c/svg%3e)
8. Communication
8.1 Internal Communication
| Audience | Channel | Frequency |
|---|
| IRT | War room / Slack | Continuous |
| Management | Email + call | Every 4h (critical) |
| Employees | Email | As needed |
8.2 External Communication
| Audience | Odpovědnost | Approval |
|---|
| Regulators | DPO / CISO | CLO |
| Customers | PR + CS | CEO |
| Media | PR | CEO |
| Partners | Account manager | COO |
8.3 Communication Templates
Internal Status Update:
Subject: [INCIDENT-XXX] Status Update #N
Current Status: [ACTIVE/CONTAINED/RESOLVED]
Severity: [CRITICAL/HIGH/MEDIUM/LOW]
Incident Commander: [Name]
9. Documentation
9.1 Incident Record
Každý incident musí obsahovat:
| Pole | Popis |
|---|
| Incident ID | Unikátní identifikátor |
| Detection time | Kdy zjištěno |
| Start time | Kdy začalo (odhad) |
| End time | Kdy vyřešeno |
| Severity | Classification |
| Type | Data breach / Security / AI |
| Description | Co se stalo |
| Impact | Jaký dopad |
| Root cause | Příčina |
| Actions taken | Co jsme udělali |
| Lessons learned | Co zlepšit |
| Follow-up actions | Preventivní opatření |
9.2 Retention
| Dokument | Retention |
|---|
| Incident report | 5 let |
| Evidence | 5 let |
| Communication logs | 5 let |
| Forensic reports | 5 let |
10. Post-Incident Review
10.1 Post-Mortem Template
POST-MORTEM: [INCIDENT-XXX]
4. WHAT COULD BE IMPROVED
11. Training & Exercises
| Exercise | Frekvence | Scope |
|---|
| Tabletop exercise | Čtvrtletně | IRT |
| Phishing simulation | Čtvrtletně | All employees |
| IR drill | Pololetně | IRT + IT |
| Full-scale exercise | Ročně | Organization-wide |
12. Policy Review
- Po každém incidentu: Review lessons learned
- Čtvrtletně: Metrics review, process update
- Ročně: Full policy review + CISO approval
Příští revize: Q2 2026