Managing Information Security Incidents Policy Overview
Introduction
This policy promotes good practice to ensure information security incidents are identified and resolved quickly. These incidents include those which put the IT infrastructure and systems at risk. All information security incidents must be reported to ITHelp. The IT Security Officer records the incident, secures any evidence and equipment, and arranges for appropriate investigations to be undertaken. If criminal evidence is found, the investigation is halted, and the appropriate authorities contacted.
Key Points
- Only staff with the authorisation of the Director Of Digital Technology Services may attempt to find security vulnerabilities,
- All information security incidents must be reported to the DTS Service Desk on extension 3333 or via https://go.shu.ac.uk/staffDTScontactus,
- The IT Security Officer must arrange to secure any evidence and equipment,
- Any monitoring must adhere to the University monitoring policy,
- If any criminal evidence is found the appropriate authorities will be contacted, and the internal investigation halted,
- Any request by law enforcement agencies for information or assistance must be referred to the Secretary and Registrar's Directorate.
The Policy Document
The complete policy can be found here.
Guidance
Further guidance is currently under development.