Company’s Information Systems are a potential target for external and / or internal security attacks. This fact implies that regardless of the security measures taken, it is likely that security incidents will occur.
A security incident is every violation or attempt for violation of the integrity, availability or confidentiality of Company’s information, which caused or could cause damage to the Company.
The objective of the Information Security Incident Handling Procedure is the determination of a specific incident handling direct procedure, in order the negative consequences to be reduced and the Company appropriate operation to be restored as soon as possible.
The definition of a specific incident handling procedure contributes to the comprehension of the main incident causes, in order the possibility of incident reoccurrence to be reduced and also makes feasible the periodic assessment and evaluation of the related risk and the incident handling methods effectiveness.
For each Company information system and application and generally in all cases where the Company’s information (printed or electronic) security may be compromised, a predefined and documented incident handling procedure must be in place. Standard incident handling procedures are published and modified by the Company Information Security Officer in cooperation with all involved Units.
1.1 PROCEDURE OWNER
1.3 APPLICABLE REGULATIONS
1.4 RELATED [COMPANY] NORMS AND PROCEDURES
1.6 AUDIENCE AND SCOPE
1.7 DOCUMENT SUPPORT
2. DEFINITIONS & ABBREVIATIONS
3. SECURITY INCIDENT HANDLING
3.1 SECURITY INCIDENTS REPORT
3.2 SECURITY INCIDENTS EVALUATION BASED ON THEIR CRITICALITY
4. SECURITY INCIDENT HANDLING BASIC ACTIONS
4.1 AN INCIDENT IDENTIFICATION AND EVALUATION
4.2 INCIDENT CONTAINMENT
4.3 DETECTION AND ELIMINATION OF SECURITY INCIDENT CAUSES
4.4 RESTORATION OF INFORMATION ASSETS TO NORMAL OPERATION
4.5 ANALYSIS AND DOCUMENTATION OF INCIDENT
5. PROCEDURE DETAILED DESCRIPTION
5.1 INCIDENT REPORT
5.2 INCIDENT CAUSES CONTAINMENT
5.3 INCIDENT CAUSES DETECTION AND ELIMINATION
6. INFORMATION ASSETS RESTORATION
7. INCIDENT ANALYSIS AND DOCUMENTATION
9. FINAL CONSIDERATIONS
9.1 DISCIPLINARY ACTIONS AGAINST PROCEDURE VIOLATION
9.2 DOCUMENT REVISION
The Audio and Web Conferencing Services Usage Policy document governs the processes and procedures related to the use of audio and web conferencing solutions available to all Company staff.
Adequate Capacity Management Policy must be defined and implemented at the Company, in order to be possible to correctly monitor the performance of the existing or future Company systems, to forecast their future evolution and identify possible bottlenecks.