OUHSC Information Technology Department |
Information Security Incident Response and Reporting Procedures All suspected information security incidents must be reported promptly to the appropriate university office or party. What to Report
Timeline for Reporting and Response to Cybersecurity Incidents When a Cybersecurity Incident is identified, it is the responsibility of the identifying person to report a Cybersecurity Incident to the OUHSC Service Desk. Service Desk will create an incident in ServiceNow and assign task to IT Security for incident response. If a computer involved in the incident interacts with regulated/sensitive data such as ePHI, PCI, PII, FERPA, etc.
****IT Security may need to collect the computer/hard drive to perform forensic evaluation of the malware and may retain the hard drive until the investigation concludes****
Within 2 hours of identification of an incident Tier Ones:
Within 8 hours of incident reported to IT Security
Following the report, individuals must comply with directions provided by IT Support staff or IT Security to repair the system, restore service, and preserve evidence of the incident.
****IT Security may need to collect the computer/hard drive to perform forensic evaluation of the malware and may retain the hard drive until conclusion of the investigation****
If you have any questions concerning the above procedures, please contact IT Security at (405)271-2476 or ITSecurity@ouhsc.edu |
|
Copyright © 2006 The Board of Regents of the University of Oklahoma, All Rights Reserved.- Disclaimer | Copyright |