6.12 INCIDENT RESPONSE
Effective: August 15, 2024
Purpose: The ability to react quickly and calmly to an incident is developed only through documented procedures and practice. As Emporia State University is committed to the confidentiality, integrity, and availability of the information with which it is entrusted, the ability to respond to all forms of security incidents must be established.
Scope: This policy applies to all information technology-related incidents.
Responsible Office: Information Technology
Policy Statement: It is the responsibility of the Information Security Officer (ISO) to:
- Develop the Information Security (IS) Incident Reporting Form and Procedures;
- Communicate regularly with students, faculty, and staff about the IS Incident Reporting Procedures located on the Information Security website; and
- Coordinate the Computer Security Incident Response Team (CSIRT) efforts and obtain help from the appropriate personnel and agencies as denoted in the CSIRT Procedures.
It is the responsibility of the various units to allocate resources to the CSIRT as needed and defined in the CSIRT Procedures.
The ISO is responsible for monitoring and reporting compliance with this policy and for reviewing this policy on an annual basis.
It is the policy of ESU to respond to security incidents that may affect the confidentiality, integrity, or availability of university information assets in an effective and productive manner.
ESU faculty, staff, and students are to report incidents to the Information Security Officer (ISO) as per the Information Security Incident Reporting Procedures.
The CSIRT is responsible for managing the response to information security-related incidents. This team is composed of individuals from the University community, including Administration, Human Resources, IT staff, University police, a faculty member, and system owners, and is led by the ISO. Other groups may be represented on the CSIRT as necessary.
Definitions: All words and phrases shall be interpreted utilizing their plain meanings unless otherwise defined in another University or Board of Regents policy or by statute or regulation.
Procedures: All procedures linked and related to the policies above shall have the full force and effect of policy if said procedures have first been properly approved by the University’s administrator in charge of Information Technology.
[Information Technology procedures - coming soon]
Related Policy Information: [coming soon]