Security response policy
The purpose of this Security Response Policy from TechRepublic Premium is to outline the security incident response processes which must be followed. This policy will assist to identify and resolve information security incidents quickly and effectively, thus minimizing their business impact and reducing the risk of similar incidents recurring. It includes requirements for both end users and IT administrators.
From the policy:
SECURITY RESPONSE POLICY DETAILS
Defining security incidents
A security incident is defined as any perceived or actual event relating to information security that has the potential to:
- Cause a monetary loss to the company.
- Create an unfavorable public impression if released to the media.
- Cause the company to be in violation of any law or government regulation.
- Disrupt computer operations or network availability.
- Cause significant manpower expenditure to resolve.