Purpose
To provide ¼«ËÙÁùºÏ²Ê¿ª½±½á¹û with guidance to developing and implementing the appropriate activities to take action regarding a detected information security event.
Policy
¼«ËÙÁùºÏ²Ê¿ª½±½á¹û has an Incident Response Plan (IRP) that addresses the processes and procedures to be executed and maintained, to ensure timely response to a detected information security event. Analysis of detected information security events is conducted, by ¼«ËÙÁùºÏ²Ê¿ª½±½á¹û, to ensure adequate response and to support recovery activities. Upon detection of an information security event, ¼«ËÙÁùºÏ²Ê¿ª½±½á¹û will take the necessary actions to prevent the expansion of an event, to mitigate its effects, and eradicate the incident. Upon mitigation of an information security event, ¼«ËÙÁùºÏ²Ê¿ª½±½á¹û will incorporate lessons learned into the Incident Response Plan to improve upon it.
Summary
Description of the incident detection, analysis and response policy of ¼«ËÙÁùºÏ²Ê¿ª½±½á¹û including the Incident Response Plan (IRP), Incident Response Communications and containment, eradication and recovery mechanisms.