Xoxoday operates a formally documented Incident Response Team (IRT) within its Information Security function, led by a dedicated Incident Manager who reports directly to the CTO, and the entire framework is aligned with ISO 27001:2013 and SOC 2 standards.

Incident Response at Xoxoday

Xoxoday maintains a structured, documented incident response capability as a core part of its Information Security (Infosec) function. The Incident Response Team (IRT) is a permanent internal body — not an ad hoc group — with a dedicated Incident Manager who reports directly to the CTO. The CTO holds formal accountability for reviewing, approving, and overseeing the entire incident response framework, ensuring executive visibility from the moment an incident is detected.

How Incidents Are Reported and Classified

Incidents are reported through the IT Helpdesk or directly to the Infosec team. Each incident is categorized as either IT or Non-IT at intake and documented accordingly, creating a consistent audit trail that supports both internal review and external compliance audits under SOC 2 Type II. This classification step ensures the right responders are engaged immediately, whether the incident involves a software integration failure in a system like Workday or SAP SuccessFactors, or a physical security event.

Containment, Analysis, and Recovery

Once an incident is logged and classified, the IRT takes ownership of containment and evidence preservation. Root cause analysis is conducted for every incident, and a mitigation plan is developed before the recovery phase begins. Corrective actions are assigned to named owners with defined timelines and cost estimates, so remediation is tracked to closure rather than left open-ended.

Client Notification and Escalation

If an incident is determined to have client impact, Xoxoday follows a defined escalation matrix to notify affected clients. Notification is not discretionary — the escalation process is documented and triggered based on impact thresholds. For enterprise customers who rely on Xoxoday integrations with tools like Microsoft Teams, Slack, or Darwinbox, this means timely, structured communication rather than reactive outreach.

Continuous Improvement Through Monthly Reviews

All resolved incidents undergo a lessons-learned review. Findings are presented and discussed at monthly Information Security Management System (ISMS) meetings, enabling trend analysis across incident types and driving continuous improvement to Xoxoday’s security posture. This governance cadence is a direct requirement of ISO 27001:2013 and reinforces the controls that underpin Xoxoday’s SOC 2 Type II attestation.

This end-to-end process (from detection and classification through containment, recovery, client notification, and retrospective review) reflects Xoxoday’s commitment to operational resilience and data protection across all its reward, recognition, and loyalty products.

Learn more: Xoxoday Help Centre, Incident handling
