Responds to major data security breaches in line with security and information governance policies and recommends appropriate control improvements. Supports any investigation that takes place as a result of a breach. Supports action to categorise and limit damage, according to the organisation’s security policy, which may include escalation and reporting the incident to the Information Commissioner’s Office, and records the incident and action taken.