Security Incident Response
Description: Coordinates a security incident response team to address incidents related to information security. Ensures the College follows an incident response program with appropriate reporting, discovery, investigation, recovery, and follow-up for information security incidents.
Eligibility: Students, Faculty and Staff
How to request: contact the IT Help Center
Initiated:
- Requests entered through the ITS Help Request system
- Triggered by security incidents, alarms and alerts
Availability:
- Availability target is 24X7X365 except for scheduled maintenance, holidays or dependent party outages. Systems may have limited or no redundancy. Systems receive priority support during business hours. Limited on-call support response may be available outside of business hours.
Charges:
- No charges to on-campus clients.
Features:
- Responds to security incidents per College policies and the incident response plan.
- Records and tracks incidents and their resolution.
- Manages and monitors intrusion detection systems to prevent and identify potential security incidents.
- Issues advisory alerts regarding new vulnerabilities and threats.
- Leads security education and awareness efforts including workshops, websites, newsletters, posters, and other appropriate methods.
Owner: Matt Fisher
Pre-requisites:
- Adequate power and operating environment
Delivery Channels:
- Completed work requests
- Delivered goods and services
Service Targets:
- Appropriate security audit reports
- Mean time to resolve/close security incidents less than 2.5 business days
