From 41326fc7bbf5af244e63b74200611088e48b9df0 Mon Sep 17 00:00:00 2001 From: "john.xlm" <60260750+JFWooten4@users.noreply.github.com> Date: Mon, 25 May 2026 05:52:59 -0400 Subject: [PATCH 01/15] =?UTF-8?q?=F0=9F=97=82=EF=B8=8F=20Add=20incident=20?= =?UTF-8?q?sections=20file?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Codex --- incidents/SECTIONS.md | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 incidents/SECTIONS.md diff --git a/incidents/SECTIONS.md b/incidents/SECTIONS.md new file mode 100644 index 0000000..184ae62 --- /dev/null +++ b/incidents/SECTIONS.md @@ -0,0 +1,22 @@ +# ORGANIZATION final as README + +- Incident response +- Risk registry +- Key management +- Customer notice +- Service provider oversight + + +frmo 7 we have + +# INITIAL DOCUMENT REQUEST + +- Registrant Compliance Manual + +- Written Policies & Procedures Addressing Administrative, Technical, and Physical Safeguards for the Protection of Customer Information + +- Information Technology Managed Service Provider Contract + +- Organization Charts + +- Risk Assessments Related to technology/cybersecurity risk, controls, threats, vulnerabilities \ No newline at end of file From d13cf04d01337a5d6912fee1b115beff2fdc2a5c Mon Sep 17 00:00:00 2001 From: "john.xlm" <60260750+JFWooten4@users.noreply.github.com> Date: Mon, 25 May 2026 05:53:18 -0400 Subject: [PATCH 02/15] =?UTF-8?q?=F0=9F=93=84=20Expand=20incident=20docume?= =?UTF-8?q?nt=20requests?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- incidents/SECTIONS.md | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/incidents/SECTIONS.md b/incidents/SECTIONS.md index 184ae62..5f92a30 100644 --- a/incidents/SECTIONS.md +++ b/incidents/SECTIONS.md @@ -11,12 +11,23 @@ frmo 7 we have # INITIAL DOCUMENT REQUEST -- Registrant Compliance Manual +- Registrant "Compliance Manual" - Written Policies & Procedures Addressing Administrative, Technical, and Physical Safeguards for the Protection of Customer Information + - need sexpansion - Information Technology Managed Service Provider Contract - Organization Charts -- Risk Assessments Related to technology/cybersecurity risk, controls, threats, vulnerabilities \ No newline at end of file +- Risk Assessments Related to technology/cybersecurity risk, controls, threats, vulnerabilities + +- Incident Response Specific Requests + - Incident Response Plan + - Policies and Procedures that Document Registrant Program to Detect, Respond to, and Recover from Unauthorized Access to or Use of Customer Information, including Customer Notification Procedures + - Listing of staff, vendors, contractors, or other persons responsible for incident response activities. + - Listing of all tools that facilitate detection and monitoring of the Registrant's network environment. + + - Reports or supporting documentation that confirms monitoring of information systems, networks, and personnel activity to detect incidents. + + - If Registrant Suffered a Security Incident During Review Period, Provide Documentation Demonstrating their Incident Response Program Steps Were Followed for Each Incident. From 7e9735dc76cd7615cab9a1242518fe7596add1cb Mon Sep 17 00:00:00 2001 From: "john.xlm" <60260750+JFWooten4@users.noreply.github.com> Date: Mon, 25 May 2026 06:17:28 -0400 Subject: [PATCH 03/15] =?UTF-8?q?=F0=9F=93=84=20Update=20incident=20sectio?= =?UTF-8?q?n=20notes?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- incidents/SECTIONS.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/incidents/SECTIONS.md b/incidents/SECTIONS.md index 5f92a30..910ecfc 100644 --- a/incidents/SECTIONS.md +++ b/incidents/SECTIONS.md @@ -14,11 +14,11 @@ frmo 7 we have - Registrant "Compliance Manual" - Written Policies & Procedures Addressing Administrative, Technical, and Physical Safeguards for the Protection of Customer Information - - need sexpansion + - need sexpansion to prectioctno of physac lccritigicatsee - Information Technology Managed Service Provider Contract + - not outsnourced -- Organization Charts - Risk Assessments Related to technology/cybersecurity risk, controls, threats, vulnerabilities From b3b470ed54c6a12e6bbd6bc5d02d1e2bfaad4a9e Mon Sep 17 00:00:00 2001 From: "john.xlm" <60260750+JFWooten4@users.noreply.github.com> Date: Mon, 25 May 2026 06:19:22 -0400 Subject: [PATCH 04/15] =?UTF-8?q?=F0=9F=93=9A=20Set=20incident=20complianc?= =?UTF-8?q?e=20manual=20category?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Codex --- incidents/SECTIONS.md | 2 -- incidents/_category_.json | 3 +++ 2 files changed, 3 insertions(+), 2 deletions(-) create mode 100644 incidents/_category_.json diff --git a/incidents/SECTIONS.md b/incidents/SECTIONS.md index 910ecfc..75bd31a 100644 --- a/incidents/SECTIONS.md +++ b/incidents/SECTIONS.md @@ -7,9 +7,7 @@ - Service provider oversight -frmo 7 we have -# INITIAL DOCUMENT REQUEST - Registrant "Compliance Manual" diff --git a/incidents/_category_.json b/incidents/_category_.json new file mode 100644 index 0000000..5ad9a7d --- /dev/null +++ b/incidents/_category_.json @@ -0,0 +1,3 @@ +{ + "label": "Compliance Manual" +} From d3795f43ebf8a27e4a92d08971053a427ac8fb2c Mon Sep 17 00:00:00 2001 From: "john.xlm" <60260750+JFWooten4@users.noreply.github.com> Date: Mon, 25 May 2026 06:21:08 -0400 Subject: [PATCH 05/15] =?UTF-8?q?=F0=9F=93=9A=20Add=20root=20category=20no?= =?UTF-8?q?tes?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- _category_ copy.json | 6 ++++++ _category_.json | 4 ++++ 2 files changed, 10 insertions(+) create mode 100644 _category_ copy.json create mode 100644 _category_.json diff --git a/_category_ copy.json b/_category_ copy.json new file mode 100644 index 0000000..1756f65 --- /dev/null +++ b/_category_ copy.json @@ -0,0 +1,6 @@ +{ + "label": "operationss-ish" +} +commti combining finincails with taxes + +onbeanigng beta to legacy static \ No newline at end of file diff --git a/_category_.json b/_category_.json new file mode 100644 index 0000000..ea39e4f --- /dev/null +++ b/_category_.json @@ -0,0 +1,4 @@ +{ + "label": "Compliance Manual" +} +not forall \ No newline at end of file From afb96f1a7bddd81589fe180f86f095475d68ed39 Mon Sep 17 00:00:00 2001 From: "john.xlm" <60260750+JFWooten4@users.noreply.github.com> Date: Mon, 25 May 2026 15:45:55 -0400 Subject: [PATCH 06/15] init --- incidents/SECTIONS.md | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/incidents/SECTIONS.md b/incidents/SECTIONS.md index 75bd31a..2260dee 100644 --- a/incidents/SECTIONS.md +++ b/incidents/SECTIONS.md @@ -1,17 +1,22 @@ # ORGANIZATION final as README -- Incident response + - Risk registry - Key management -- Customer notice + - Technical adimuininstratni, proviniinnig + - Physical safegeards + - OVrsight +- Investor Clalfoificoatn + - Covored Custemer INformatn + - Customer notice - Service provider oversight +- Incident response PRgima -- Registrant "Compliance Manual" -- Written Policies & Procedures Addressing Administrative, Technical, and Physical Safeguards for the Protection of Customer Information +- for the Protection of Customer Information - need sexpansion to prectioctno of physac lccritigicatsee - Information Technology Managed Service Provider Contract From 4e471a9a498d954446b088e996be3f2afca5a024 Mon Sep 17 00:00:00 2001 From: "john.xlm" <60260750+JFWooten4@users.noreply.github.com> Date: Mon, 25 May 2026 16:03:48 -0400 Subject: [PATCH 07/15] nwap cuteromer for natural-persono inventoor --- incidents/SECTIONS.md | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/incidents/SECTIONS.md b/incidents/SECTIONS.md index 2260dee..70c521b 100644 --- a/incidents/SECTIONS.md +++ b/incidents/SECTIONS.md @@ -2,29 +2,34 @@ - Risk registry + - Cotrela assessemntss + - Technololoy assessments + - Cpbesecury assessments +- Velnerabelity management + - TAD surfadces + - Stellar surfgaces + - Deployment viulneabilitess - Key management - Technical adimuininstratni, proviniinnig - Physical safegeards - OVrsight - Investor Clalfoificoatn - - Covored Custemer INformatn - - Customer notice + - Covored Investor INformatn + - Investor notices + - Mali materials - Service provider oversight + - What's outsourced (info daigrams##) + - Public collaborani platofgrms + - PRovider Secrets acceess - Incident response PRgima -- for the Protection of Customer Information - - need sexpansion to prectioctno of physac lccritigicatsee -- Information Technology Managed Service Provider Contract - - not outsnourced -- Risk Assessments Related to technology/cybersecurity risk, controls, threats, vulnerabilities - - Incident Response Specific Requests - Incident Response Plan - Policies and Procedures that Document Registrant Program to Detect, Respond to, and Recover from Unauthorized Access to or Use of Customer Information, including Customer Notification Procedures From 2b87508f79c8f9f2f08bd0e888b8da85a6f3024a Mon Sep 17 00:00:00 2001 From: "john.xlm" <60260750+JFWooten4@users.noreply.github.com> Date: Mon, 25 May 2026 16:08:48 -0400 Subject: [PATCH 08/15] prep fo trhreat soap exec --- incidents/SECTIONS.md | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/incidents/SECTIONS.md b/incidents/SECTIONS.md index 70c521b..7d2cf81 100644 --- a/incidents/SECTIONS.md +++ b/incidents/SECTIONS.md @@ -23,7 +23,7 @@ - PRovider Secrets acceess - Incident response PRgima - + - @@ -32,10 +32,16 @@ - Incident Response Specific Requests - Incident Response Plan - - Policies and Procedures that Document Registrant Program to Detect, Respond to, and Recover from Unauthorized Access to or Use of Customer Information, including Customer Notification Procedures + - Policies and Procedures that Document + - Registrant Program to + - + - + - Detect, Respond to, and Recover from Unauthorized Access to or Use of Customer Information, including Customer Notification Procedures - Listing of staff, vendors, contractors, or other persons responsible for incident response activities. - Listing of all tools that facilitate detection and monitoring of the Registrant's network environment. - Reports or supporting documentation that confirms monitoring of information systems, networks, and personnel activity to detect incidents. - If Registrant Suffered a Security Incident During Review Period, Provide Documentation Demonstrating their Incident Response Program Steps Were Followed for Each Incident. + +gov -- Who owns risk, policy, roles, oversight, suppliers, and priorities \ No newline at end of file From 1a7d87370ec4946845ae2a110a3941bf5a637fe0 Mon Sep 17 00:00:00 2001 From: "john.xlm" <60260750+JFWooten4@users.noreply.github.com> Date: Mon, 25 May 2026 16:18:47 -0400 Subject: [PATCH 09/15] set icr --- incidents/SECTIONS.md | 15 +++------------ 1 file changed, 3 insertions(+), 12 deletions(-) diff --git a/incidents/SECTIONS.md b/incidents/SECTIONS.md index 7d2cf81..a434fe7 100644 --- a/incidents/SECTIONS.md +++ b/incidents/SECTIONS.md @@ -21,22 +21,13 @@ - What's outsourced (info daigrams##) - Public collaborani platofgrms - PRovider Secrets acceess - - Incident response PRgima - - - - - + - INturino detection + - ACtivity rensponses + - Ressponse & recovery -- Incident Response Specific Requests - - Incident Response Plan - - Policies and Procedures that Document - - Registrant Program to - - - - - - Detect, Respond to, and Recover from Unauthorized Access to or Use of Customer Information, including Customer Notification Procedures - Listing of staff, vendors, contractors, or other persons responsible for incident response activities. - Listing of all tools that facilitate detection and monitoring of the Registrant's network environment. From 0868fd524ef27cc14444f644e47dd1ec0a04951e Mon Sep 17 00:00:00 2001 From: "john.xlm" <60260750+JFWooten4@users.noreply.github.com> Date: Mon, 25 May 2026 16:19:13 -0400 Subject: [PATCH 10/15] contractors.. --- incidents/SECTIONS.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/incidents/SECTIONS.md b/incidents/SECTIONS.md index a434fe7..f5786c0 100644 --- a/incidents/SECTIONS.md +++ b/incidents/SECTIONS.md @@ -27,8 +27,10 @@ - Ressponse & recovery +other persons responsible for incident response activities. +^ Resposible is pretty brad nad could cccover DUNA particpaitno + - - Listing of staff, vendors, contractors, or other persons responsible for incident response activities. - Listing of all tools that facilitate detection and monitoring of the Registrant's network environment. - Reports or supporting documentation that confirms monitoring of information systems, networks, and personnel activity to detect incidents. From 1ddc84f04c3969895545bf48cbd190d15e6dbe05 Mon Sep 17 00:00:00 2001 From: "john.xlm" <60260750+JFWooten4@users.noreply.github.com> Date: Mon, 25 May 2026 16:50:32 -0400 Subject: [PATCH 11/15] conf test --- incidents/SECTIONS.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/incidents/SECTIONS.md b/incidents/SECTIONS.md index f5786c0..27794be 100644 --- a/incidents/SECTIONS.md +++ b/incidents/SECTIONS.md @@ -25,7 +25,7 @@ - INturino detection - ACtivity rensponses - Ressponse & recovery - +- Decentralisved Quirks other persons responsible for incident response activities. ^ Resposible is pretty brad nad could cccover DUNA particpaitno From 7e5f0c02c8ffdb33c629bf027065fedf5f0d5bf1 Mon Sep 17 00:00:00 2001 From: "john.xlm" <60260750+JFWooten4@users.noreply.github.com> Date: Mon, 25 May 2026 18:37:58 -0400 Subject: [PATCH 12/15] relaign swithch --- incidents/SECTIONS.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/incidents/SECTIONS.md b/incidents/SECTIONS.md index 27794be..6d4063c 100644 --- a/incidents/SECTIONS.md +++ b/incidents/SECTIONS.md @@ -25,13 +25,13 @@ - INturino detection - ACtivity rensponses - Ressponse & recovery -- Decentralisved Quirks +- Decentralisved coordination + - THesis ethos (ref values #decentaraid {#collective-wisdom}) + - Colllabetoraative frinedship + - Open network ([ detection and monitoring of the Registrant's intra environment; ec exec2 )] -other persons responsible for incident response activities. -^ Resposible is pretty brad nad could cccover DUNA particpaitno - - Listing of all tools that facilitate detection and monitoring of the Registrant's network environment. - Reports or supporting documentation that confirms monitoring of information systems, networks, and personnel activity to detect incidents. From 7b60f531fecd5ee238794a33d15e45bb1e2925ac Mon Sep 17 00:00:00 2001 From: "john.xlm" <60260750+JFWooten4@users.noreply.github.com> Date: Mon, 25 May 2026 18:40:16 -0400 Subject: [PATCH 13/15] twith sot --- incidents/SECTIONS.md | 65 +++++++++++++++++++++---------------------- 1 file changed, 31 insertions(+), 34 deletions(-) diff --git a/incidents/SECTIONS.md b/incidents/SECTIONS.md index 6d4063c..edfef3c 100644 --- a/incidents/SECTIONS.md +++ b/incidents/SECTIONS.md @@ -1,40 +1,37 @@ # ORGANIZATION final as README - - Risk registry - - Cotrela assessemntss - - Technololoy assessments - - Cpbesecury assessments -- Velnerabelity management - - TAD surfadces - - Stellar surfgaces - - Deployment viulneabilitess + - Control assessments + - Technology assessments + - Cybersecurity assessments +- Vulnerability management + - TAD surfaces + - Stellar surfaces + - Deployment vulnerabilities - Key management - - Technical adimuininstratni, proviniinnig - - Physical safegeards - - OVrsight -- Investor Clalfoificoatn - - Covored Investor INformatn + - Technical administration, provisioning + - Physical safeguards + - Oversight +- Investor Classification + - Covered Investor Information - Investor notices - - Mali materials + - Mail materials - Service provider oversight - - What's outsourced (info daigrams##) - - Public collaborani platofgrms - - PRovider Secrets acceess -- Incident response PRgima - - INturino detection - - ACtivity rensponses - - Ressponse & recovery -- Decentralisved coordination - - THesis ethos (ref values #decentaraid {#collective-wisdom}) - - Colllabetoraative frinedship - - Open network ([ detection and monitoring of the Registrant's intra environment; ec exec2 )] - - - - - - Reports or supporting documentation that confirms monitoring of information systems, networks, and personnel activity to detect incidents. - - - If Registrant Suffered a Security Incident During Review Period, Provide Documentation Demonstrating their Incident Response Program Steps Were Followed for Each Incident. - -gov -- Who owns risk, policy, roles, oversight, suppliers, and priorities \ No newline at end of file + - What's outsourced (info diagrams) + - Public collaboration platforms + - Provider secrets access +- Incident response program + - Intrusion detection + - Activity responses + - Response & recovery +- Decentralized coordination + - Thesis ethos (ref values #decentralized {#collective-wisdom}) + - Collaborative friendship ([gov -- Who owns risk, policy, roles, oversight, suppliers, and priorities]) + - Open network ([detection and monitoring of the Registrant's intra environment; ec exec2]) + +- Reports or supporting documentation that confirms +- monitoring of information systems, +- ~~networks,~~ and +- personnel activity //to detect incidents. + +- If Registrant suffered a Security Incident during the review period, provide documentation demonstrating their Incident Response Program steps were followed for each incident. From c9f8bdf5eda0270ddd355a6536bb0a7c0cc282fe Mon Sep 17 00:00:00 2001 From: "john.xlm" <60260750+JFWooten4@users.noreply.github.com> Date: Mon, 25 May 2026 18:50:05 -0400 Subject: [PATCH 14/15] no place eh --- incidents/SECTIONS.md | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/incidents/SECTIONS.md b/incidents/SECTIONS.md index edfef3c..727dc59 100644 --- a/incidents/SECTIONS.md +++ b/incidents/SECTIONS.md @@ -28,10 +28,7 @@ - Thesis ethos (ref values #decentralized {#collective-wisdom}) - Collaborative friendship ([gov -- Who owns risk, policy, roles, oversight, suppliers, and priorities]) - Open network ([detection and monitoring of the Registrant's intra environment; ec exec2]) - -- Reports or supporting documentation that confirms -- monitoring of information systems, -- ~~networks,~~ and -- personnel activity //to detect incidents. - -- If Registrant suffered a Security Incident during the review period, provide documentation demonstrating their Incident Response Program steps were followed for each incident. +- Team reports + - Post security incidents **demonstrating Incident Response Program steps were followed** + - System monitoring log + - Team protective practices (**collection of concepts with sourcing akin to the nondirective bias basis) \ No newline at end of file From db6d46294450786128080e6f9a04257867e22187 Mon Sep 17 00:00:00 2001 From: "john.xlm" <60260750+JFWooten4@users.noreply.github.com> Date: Mon, 25 May 2026 18:50:14 -0400 Subject: [PATCH 15/15] mmeta --- incidents/SECTIONS.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/incidents/SECTIONS.md b/incidents/SECTIONS.md index 727dc59..4aba040 100644 --- a/incidents/SECTIONS.md +++ b/incidents/SECTIONS.md @@ -31,4 +31,4 @@ - Team reports - Post security incidents **demonstrating Incident Response Program steps were followed** - System monitoring log - - Team protective practices (**collection of concepts with sourcing akin to the nondirective bias basis) \ No newline at end of file + - Team protective practices (**collection of concepts with sourcing akin to the nondirective bias basis)