How we detect, contain and communicate incidents.
This plan describes how LDPS Africa responds to security or availability incidents that affect the Intelligence Platform or the data it processes.
This document is app-owned editable content, not a third-party attestation or certification. It describes controls and practices as they exist at the review date.
Severity levels
- SEV-1 — Confirmed unauthorised access to customer data, or a total outage of core dashboards and payments.
- SEV-2 — Major degradation of a paid feature (reports, benchmarks, audits) or a partial outage affecting more than 10% of active accounts.
- SEV-3 — Isolated defect impacting a single account or a non-critical workflow.
Detection
Incidents are detected through automated error logging (client + server writes into error_log), payment webhook failure counters, third-party provider status feeds, and inbound reports from customers and security researchers.
Response phases
- Triage. On-call engineer confirms severity within 30 minutes of alert and opens an incident record in
sla_incidents. - Contain. Immediate mitigations — rotating keys, revoking sessions, disabling an endpoint — take priority over root-cause work.
- Communicate. SEV-1 and SEV-2 incidents are posted to the public Status page and, for confirmed data incidents, notified by email to affected account owners within 72 hours.
- Eradicate and recover. Patch is deployed through the standard release pipeline. Data restores follow the BCP/DR runbook.
- Learn. A written post-incident review is produced within 10 business days and its actions are tracked to completion.
Contacts
Security incidents: security@ldpsafrica.com. Availability and billing incidents: admin@ldpsafrica.com. Please include the affected account, a brief description, and any evidence you can share.
Email security@ldpsafrica.com for the security team or info@ldpsafrica.com for general enquiries.