Description

The University receives information security alerts/advisories on a regular basis, issues alerts/advisories to appropriate units or personnel, and takes appropriate actions in response.

Applicability

  • Security alerts, advisories, and directives are the responsibility of the Chief Information Security Officer.

Implementation

  • The Chief Information Security Officer, or designee, is responsible for:

  • 1

    Receiving IT security alerts and advisories from established information security resources (both internal and external sources);

  • 2

    Identifying and evaluating alerts and advisories for reporting security threats that may impact the University;

  • 3

    Communicating internal security alerts, advisories, and directives as deemed necessary;

  • 4

    Determining required response activities with established time frames that shall be specified in a directive to units; and

  • 5

    Ensuring appropriate action, as specified in a directive, is completed by unit IT staff in response to a directive.