Description
The University receives information security alerts/advisories on a regular basis, issues alerts/advisories to appropriate units or personnel, and takes appropriate actions in
response.
Applicability
-
Security alerts, advisories, and directives are the responsibility of the Chief Information Security Officer.
Implementation
-
The Chief Information Security Officer, or designee, is responsible for:
-
1
Receiving IT security alerts and advisories from established information security resources (both internal and external sources);
-
2
Identifying and evaluating alerts and advisories for reporting security threats that may impact the University;
-
3
Communicating internal security alerts, advisories, and directives as deemed necessary;
-
4
Determining required response activities with established time frames that shall be specified in a directive to units; and
-
5
Ensuring appropriate action, as specified in a directive, is completed by unit IT staff in response to a directive.