Cyber-Security Incident Handling Standard
RIT has created a process for handling computer incidents to ensure that each incident is appropriately resolved and further preventative measures are implemented.
Cyber-Security Incident Handling Standard
- Current Incident Handling Standard (supersedes previous version, comply by 1/23/15)
Who does the standard apply to?
- The standard primarily applies to administrators of RIT-owned or leased computing devices.
- The standard also applies to users of personally-owned or leased devices should the incident involve RIT resources.
What is an incident?
Incidents include the following types of events:
- Physical loss of a computing device (including storage devices)
- Detection of unauthorized users accessing a computing device
- Discovery of malware on a computing device
- Discovery of critical vulnerabilities or improper configuration that could result in a breach of information
What do I have to do?
Group | Action Needed |
---|---|
Everyone | If the incident involves the loss or theft of a device containing Private, Confidential or Operationally Critical information, you should immediately file a report with Public Safety. |
Self-supported users |
|
Users supported by Systems Administrators |
|
System Administrators |
|
Resources
- Incident Handling Flowchart (rev. 11/16/15)
- Report a Cyber-Security Incident