- You are here:
- IR.2.01 - External Communication of Incidents Control Guidance
On this page
IR.2.01 - External Communication of Incidents
GitLab defines external communication requirements for incidents, including:
- Information about external party dependencies.
- Criteria for notification to external parties as required by GitLab policy in the event of a security breach.
- Contact information for authorities (e.g., law enforcement, regulatory bodies, etc.).
- Provisions for updating and communicating external communication requirement changes.
This control demonstrates that we have documented how we will communicate externally in the event of an incident. This helps the company by making sure we will contact the necessary external parties.
For detailed implementation guidance relevant to GitLab team-members, refer to the full guidance documentation.
For all reference links relevant to this control, refer to the full guidance documentation.
Examples of evidence an auditor might request to satisfy this control
For examples of evidence an auditor might request, refer to the full guidance documentation.