A: Confirm scope and type of the data breached (e.g. quantity, from which systems)
A: Confirm scope and type of the data breached (e.g. quantity, from which systems)
B: Understand if any system tests and analysis have been performed to ensure the breach is still not ongoing.
B: Understand if any system tests and analysis have been performed to ensure the breach is still not ongoing.
C: Status on any breach notification process to users (mandated in some jurisdications, CCPA, GDPR, HIPAA)
C: Status on any breach notification process to users (mandated in some jurisdications, CCPA, GDPR, HIPAA)