HANOMART

GS

Crisis Playbook

5 scenarios · Response protocols · Real-time status

CRITICALMONITORING

Data Breach — User PII Exposure

Unauthorized access to user personal data including phone numbers, emails, or financial info.

Owner: CTO + Legal

Timeline: 0-4h containment, 24h disclosure

Response Steps

  1. 1Isolate affected systems immediately
  2. 2Engage incident response team + forensics
  3. 3Notify PDPA authority within 72 hours
  4. 4User notification via email + in-app banner
  5. 5Post-incident review + security audit
HIGHACTIVE

Merchant Scam — Fake Products/Fraud

Merchant selling counterfeit goods or running advance-fee fraud schemes.

Owner: Trust & Safety

Timeline: 1h freeze, 24h investigation

Response Steps

  1. 1Freeze merchant account + hold payouts
  2. 2Notify affected buyers with refund timeline
  3. 3Collect evidence + file report with authorities
  4. 4Update fraud detection rules
  5. 5Review merchant onboarding KYC process
HIGHMONITORING

BNPL Default Spike — Portfolio Risk

Default rate exceeds 5% threshold, triggering platform safety halt on new BNPL originations.

Owner: CFO + Risk

Timeline: 24h analysis, 48h action plan

Response Steps

  1. 1Halt new BNPL originations automatically (rule triggered)
  2. 2Analyze default cohorts by segment
  3. 3Tighten credit scoring thresholds
  4. 4Initiate collection process for 30+ day overdue
  5. 5Report to investors if material impact
CRITICALRESOLVED

Regulatory Action — License/Compliance

Government agency issues warning, fine, or orders operational changes related to e-commerce or lending.

Owner: CEO + Legal

Timeline: 0h response, ongoing compliance

Response Steps

  1. 1Acknowledge receipt and engage legal counsel
  2. 2Assess impact scope and affected operations
  3. 3Prepare compliance response within deadline
  4. 4Implement required changes
  5. 5Establish ongoing regulatory liaison
CRITICALRESOLVED

Platform Outage — Total Service Down

Complete platform unavailability affecting all users and transaction processing.

Owner: CTO + DevOps

Timeline: 0-15min detection, 1h recovery target

Response Steps

  1. 1Activate status page + social media updates
  2. 2Identify root cause (Cloudflare, D1, DNS)
  3. 3Execute failover/rollback procedures
  4. 4Process queued transactions after recovery
  5. 5Publish post-mortem within 48 hours
🏠Trang chủ📊Tăng trưởng🤖Công cụ AI👨‍💼Quản trị