xMatters has a Risk Management Procedure in place to identify, assess and treat risks depending on the level of impact and likelihood.
After treatment, all risks are re-assessed for residual risk evaluation. Risks are only accepted when they reach the lowest level and no longer represent threats to xMatters system and data assets.
xMatters has an established procedure for responding to potential security incidents.
All security incidents are managed by following the non-conformity treatment process:
- Immediate action
- Root-cause analysis and incident classification (based on severity)
- Corrective action
- Preventive action
All processes are documented and updated annually. Lessons learned are kept for future reference.
In the event of an incident, affected customers will be informed by our Technical Support Team or Customer Success Manager.