Incident Response Runbook

End-to-end runbook for security, chain, custody, privacy and availability incidents on a tokenization platform — roles/RACI, severity matrix, SLAs, communications, and tested playbooks.

Download DOCX → Need help implementing IR/DORA?

Contents (short)

Roles & on-call — IC, Security, SRE, MLRO/Compliance, Legal/Privacy, Comms, Support.
Severity matrix & targets — SEV-1..4 with RTO/RPO.
Lifecycle & SLAs — detect, triage, contain, eradicate, recover, review.
Communications — status page, customers, regulator, LE, PR.
Playbooks — chain fork/reorg; custodian outage; smart-contract vuln; compromised account; privacy breach (GDPR 72h); DDoS.
Evidence & forensics — immutable store; chain of custody.
Recovery & reconciliation — balance breaks, settlement, FAQs.
RCA/CAP — board-ready reports and corrective actions.
KPIs — MTTD, MTTR, containment time, regulatory SLA, drills.
Annexes — contacts/escalations, notice templates, decision trees.

Download & next steps

Download the runbook and tailor roles, SEV thresholds, comms SLAs, and chain/custody playbooks to your stack and regulatory perimeter (MiCA, DORA/NIS2, FCA, etc.). We can run tabletop drills and implement the program.

Download IR Runbook (DOCX) Request customization