Layout print header[D]

Managing Information Security Incidents Policy Overview

Introduction

This policy promotes good practice to ensure information security incidents are identified and resolved quickly. These incidents include those which put the IT infrastructure and systems at risk. All information security incidents must be reported to ITHelp. The IT Security Officer records the incident, secures any evidence and equipment, and arranges for appropriate investigations to be undertaken. If criminal evidence is found, the investigation is halted, and the appropriate authorities contacted.

Key Points

  • Only staff with the authorisation of the Chief Information Officer of IS&T may attempt to find security vulnerabilities,
  • All information security incidents must be reported to ithelp@shu.ac.uk on extension 3333,
  • The IT Security Officer must arrange to secure any evidence and equipment,
  • Any monitoring must adhere to the University monitoring policy,
  • If any criminal evidence is found the appropriate authorities will be contacted, and the internal investigation halted,
  • Any request by law enforcement agencies for information or assistance must be referred to the Secretary and Registrar's Directorate.

The Policy Document

The complete policy can be found here.

Guidance

Further guidance is currently under development.

Sheffield Hallam University website

Sheffield Hallam University, City Campus, Howard Street, Sheffield S1 1WB

Telephone 0114 225 5555 | Fax 0114 225 4449

Privacy Policy

Freedom of information

Feedback

Accessibility

Sitemap

Legal information