To maintain Information Security in ongoing operations, it is necessary to have developed and practiced a policy for the handling of security incidents. A security incident refers to an event whose impact could cause significant loss or damage. To prevent or contain any loss or damage, security incidents should be dealt with swiftly and efficiently. If there is a predefined procedure available to be invoked, then reaction times can be minimized. The possible loss or damage which could occur in a security incident can affect both the confidentiality and integrity of data and also its availability.
The objective of the Information Security Incident Policy is to establish the foundation for security incident management in order to minimize damage and malfunctions, and to monitor and learn from such incidents. The reaction to a security incident aims to protect and restore the normal operating condition of any information asset of the Company and of the supporting infrastructure: computers, systems, systems software, applications, and services.
1.1 PROCEDURE OWNER
1.3 APPLICABLE REGULATIONS
1.4 RELATED [COMPANY] NORMS AND PROCEDURES
1.6 AUDIENCE AND SCOPE
1.7 DOCUMENT SUPPORT
2. DEFINITIONS & ABBREVIATIONS
3.1 REPORTING SECURITY INCIDENTS
3.2 INCIDENT REPORTING INFORMATION
3.3 CONSEQUENCES OF NOT REPORTING A SECURITY INCIDENT
3.4 REPORTING SECURITY WEAKNESSES
3.5 RESPONDING TO INFORMATION SECURITY INCIDENTS
4.1 DEPARTMENT MANAGER(S)
4.2 INFORMATION SECURITY TEAM
6. FINAL CONSIDERATIONS
6.1 DISCIPLINARY ACTIONS AGAINST PROCEDURE VIOLATION
6.2 DOCUMENT REVISION
The IT Acceptable Use Policy sets out the principles and instructions to follow for acceptable and appropriate use of information technology hardware, software, systems, applications, data, facilities, networks, and telecommunications equipment, based on information security control objectives and requirements, to protect the Company’s IT information assets.