Policy
Policy Name
Security Incident Management Policy

Overview
Incident Management is the process to ensure security events and weaknesses (or "incidents") with information systems and processes are reported, investigated and resolved in a timely manner. Individuals should be made aware of their responsibilities and procedures to report information security incidents as soon as possible.

Statement
  • There must be a structured and documented process to report, escalate, and resolve information security incidents.
  • Information security incidents must be reported immediately upon discovery.
  • Roles and responsibilities must be established to ensure timely, effective response to information security incidents.
  • Incidents must be formally documented to include date, time, type of incident, evidence and corrective actions taken.
  • There must be a formal process to monitor systems and vulnerabilities to detect incidents in a timely manner.

Justification

The following benefits will be achieved:

  • Information security incidents are handled in a timely, controlled process to reduce exposure and impact to data breach and brand damage
  • A standardized process to ensure consistency and enhanced controls to handle security incidents.

Scope
All employees, contractors, agents and third-parties

Consequeces for Noncompliance
Noncompliance to this policy can result in disciplinary action up to and including termination of employment or contract.

Topics
Incident Management
Security Monitoring