ISP-06 - Incident Management and Response Policy

INCIDENT MANAGEMENT AND RESPONSE POLICY


 

Policy Objective

This policy is intended to define requirements regarding the management of, and response to, information security incidents at Parkland College.

Scope

Information Security Incident Response functions at Parkland College. All Parkland College users are subject to this policy.

Policy

Section 1 – Incident Management


 

Every user of Parkland College information assets and data has a responsibility to protect the confidentiality, integrity, and availability of the assets and data with which they interact. They also have an obligation to report concerns related to potential information security issues and to cooperate with responders throughout the Cybersecurity incident investigation and afterwards.

Parkland College will react expeditiously when investigating Information Security incidents by having:

  • Established processes and procedures for incident response

  • Defined roles and responsibilities for incident response

  • Pre-arranged legal counsel for consultation

  • Pre-defined channels of communication

 

Information Security Incident Response actions should include:

  1. Detection and Identification of a known or suspected incident

  2. Analysis and Response to known or suspected incidents

  3. Containment of harmful activity

  4. Eradication of all incident elements from the environment

  5. Recovery of information systems and assets affected by the incidents

  6. Post-incident activity including lessons learned and documentation

  7. Support of Parkland College’s capabilities in fulfilling obligations per federal and state laws, organizational contracts, policies, and regulatory requirements related to Cybersecurity Incidents, both known and suspected.

 

Incident response activities must follow adopted procedures, comply with local, state, and federal ordinances and relevant regulations, comply with any legal requirements and advice from legal counsel, and comply with requirements from law enforcement agencies and regulatory bodies.


 

Standards

 

ISP-06 - Incident Response Standard (login required)
 


 

Details

Article ID: 156038
Created
Wed 5/31/23 2:59 PM
Modified
Wed 5/31/23 4:28 PM

Related Articles (1)

Information Security Term Definitions
Definitions of terms used across policies and standards