Incident Management Guidelines
Espionage can be conducted by individuals, groups, or governments in order to gain commercially sensitive information. Espionage can take many forms, either covert or overt, and can have significant impacts on a company, especially during a tendering phase of a business pursuit. Espionage can be conducted within the parameters of the law, or may be illegal. It can be geared to commercial activities, as well as operational functions.
In the event of an espionage incident occurring, the following points should be addressed:
- Stand up the Incident Management and Crisis Response Teams using the SAD CHALETS system.
- Determine what has occurred:
- When did it happen?
- Where did it happen?
- Who was involved?
- What information or materials were stolen or divulged?
- What implications does this have to the company?
- Secure facilities or sensitive materials to prevent further losses.
- Take a statement from the individual reporting the event.
- Determine whether any laws have been broken.
- Determine who might be or is responsible:
- Group or organization.
- Individuals involved.
- Determine whether persons are at physical risk following the event; stop any activity that might be compromised if persons are at risk.
- Alert police or federal agencies if urgent in nature.
- Provide an IMP Risk Assessment Report as soon as possible.