Page Comparison

...

This policy governs the actions required for reporting or responding to security incidents involving Chemwatch information technology resources to ensure effective and consistent reporting and handling of such events.

Scope

This policy applies to all employees using Chemwatch information technology resources or data.

Policy

Incident response will be handled appropriately based on the type and severity of the incident in accordance with the Incident Response Summary Table below.  

Roles and Responsibilities

...

1. Reporting Security incidents
   Any member of staff at Chemwatch must report any suspected incident to I.T. managers.
   
   
   
2. Responding to Security Incidents
   1. Incident Severity
      Incident response will be managed based on the level of severity of the incident. The level of severity is a measure of its impact on or threat to the operation or integrity of the company and its information. Four levels of incident severity will be used to guide incident response: high, medium, low, and NA (Not Applicable).
      
      
      1. High
         The severity of a security incident will be considered "high " if any of the following conditions exist:
         1. Threatens to have a significant adverse impact on a large number of systems and/or people (for example, the entire company is affected)
         2. Threatens confidential data 
         3. Adversely impacts our enterprise system or service critical to our operations.
            
            
      2. Medium
         The severity of a security incident will be considered "medium" if any of the following conditions exist:
         1. Adversely impacts a moderate number of systems and/or people.
         2. Adversely impacts a non-critical enterprise system or service
         3. Adversely impacts a departmental system or service, such as a file server
         4. Disrupts a building network
            
            
      3. Low
         Low severity incidents have the following characteristics:
         1. Adversely impacts a very small number of systems or individuals
         2. Disrupts a very small number of network devices or segments
            
            
      4. NA (Not Applicable)
         This is used for events reported as a suspected IT security incident but upon investigation of the suspicious activity, no evidence of a security incident is found.
         
         
         
         
         
         
   2. Incident Response Summary Table
      The following table summarizes the handling of IT security incidents based on incident severity, including response time, the responsible incident managers, and notification and reporting requirements. Check /wiki/spaces/CW/pages/27950367 on Levels of security issues.

...