Threat management and incident response
Incident response personnel
The Apple Incident Response Team monitors systems and alerts 24/7 to triage incoming alerts and identify potential security events. Events are tracked in a centralized tracking tool where details are captured and analyzed. Additional stakeholders are included to support remediation as necessary.
Incident management
Apple’s incident management program incorporates procedures to identify and manage risks in a timely and effective manner. Appropriate personnel analyze security events, and if an event is designated as an incident, Apple applies a standardized approach to classify, prioritize, and respond to it. An incident response plan is documented, defining the roles, responsibilities, compliance obligations, and communication procedures for an incident. The Apple HIPAA Privacy Officer and the HIPAA Security Officer are both involved in all relevant identified, reported, and investigated events.