Respond to breaches according to professional protocol and policy.

Response should include

• acknowledging the breach immediately (remediate with stakeholders first)
• identifying the breach and explaining how it occurred
• identifying the communications strategy in regard to the breach
• identifying the remedy. 

Process/Skill Questions: 

• Why is it important for companies to be honest from the start when a breach occurs?
• How does a company decide whom to notify of a breach?
• How does a company decide what the potential damage could be if information is misused?