INCIDENT MANAGEMENT AND RESPONSE POLICY
Policy Objective
This policy is intended to define requirements regarding the management of, and response to, information security incidents at Parkland College.
Scope
Information Security Incident Response functions at Parkland College. All Parkland College users are subject to this policy.
Policy
Section 1 – Incident Management
Every user of Parkland College information assets and data has a responsibility to protect the confidentiality, integrity, and availability of the assets and data with which they interact. They also have an obligation to report concerns related to potential information security issues and to cooperate with responders throughout the Cybersecurity incident investigation and afterwards.
Parkland College will react expeditiously when investigating Information Security incidents by having:
-
Established processes and procedures for incident response
-
Defined roles and responsibilities for incident response
-
Pre-arranged legal counsel for consultation
-
Pre-defined channels of communication
Information Security Incident Response actions should include:
-
Detection and Identification of a known or suspected incident
-
Analysis and Response to known or suspected incidents
-
Containment of harmful activity
-
Eradication of all incident elements from the environment
-
Recovery of information systems and assets affected by the incidents
-
Post-incident activity including lessons learned and documentation
-
Support of Parkland College’s capabilities in fulfilling obligations per federal and state laws, organizational contracts, policies, and regulatory requirements related to Cybersecurity Incidents, both known and suspected.
Incident response activities must follow adopted procedures, comply with local, state, and federal ordinances and relevant regulations, comply with any legal requirements and advice from legal counsel, and comply with requirements from law enforcement agencies and regulatory bodies.
Standards
ISP-06 - Incident Response Standard (login required)