Purpose / Objective
The CIRT or Computing Incident Response Team is the urgent response team for information security events at XYZ Union Bank. This team is crucial to defending XYZ Credit Union Bank\'s company electronic emails facilities. This policy provides the Chief of Information Security office, who manages the CIRT, with the power to develop recommendations and requirements to meet the protection needs of users and to protect the systems of the bank. Support from all areas of the XYZ is vital to the CIRT's success. The following plan suggests those using Financial institution processing sources regarding the appropriate procedure for confirming of security-related occurrences and the actions that will be taken in reaction to an occurrence.
Scope
This policy governs the Union general response, records and confirming of occurrences impacting automated and digital interaction information resources, such as intrusion, theft, neglect of data, other activities in contrast to the XYZ Acceptable Use Policy, refusal of service, software corruption, computer and digital communication-based HIPAA violations, and incident reported to XYZ by other institutions and business entities. This policy applies to all XYZ Credit Union Administrator, members, faculty, staff, visitors, contractors, vendors and agents using Unions computing resources regardless of the ownership of the device used to connect to the XYZ Credit Union network.
Standards
YXZ Credit Union IT resources are responsible for keeping computer systems protected from activities that could compromise the confidentiality, integrity, or availability of the resources. XYZ shall perform regular and timely computer maintenance, which includes, but is not limited to, installation of software patches, and updates to malware and virus protection. The automatic implementation of patches and updates at regular intervals will be utilized for all capable devices. XYZ IT resources should be aware of the business and availability requirements for their systems, and owners shall create appropriate documentation and processes to meet the requirements outlined in these policies. All commercial application used on computers must be reinforced by an software license agreement that specifically explains the utilization rights and limitations of the product. Employees must stick to all license contracts and must not unlawfully copy certified software. The IRM through IS reserves the right to remove any duplicate application from any computer.
Procedure
The Procedure used by Computer Incident Response Team (CIRT) members and the other computing support staff including System Administrators, DCC’s and Division Chairs with respect to security occurrences are under the power and control of the Information Security Office chief. The ISO preserves internal procedures for incident recording, monitoring and confirming, for proof and evidence safe keep and related methods.
Policy Sections:
- Identification of Incidents
- Documentation and Interaction of Incidents
- Establishments of an Information Technology Security Incident Response Team
- Risk Evaluation Category Matrix
- Subordinate Procedures
- Role of YXZ Union Personnel, Training
- Relationship of State and Federal Agencies
- Incident Prevention
- Modification and Adjustment
Guidelines
Hands on step answer
The purpose of security or computer incident response plan is to maintain the confidentiality, integrity, and availability of system and data ; is a risk control issue for all companies or institutions, which includes the Connecticut University, And personal data is gathered and systems and procedures become progressively more complicated, rules continue to place requirements for the protection of that information on University.
Incident handling details procedures vary based on the classification and type of incident, each should include the following six phases:
- Preparation
- Detection
- Containment
- Remediation
- Resolution
- Closure and Lesson Learned
The University’s Incident strategy is recorded to offer a well-defined, reliable, and structured approach for managing security incident. The strategy explains and recognizes the tasks and responsibility of UConn\'s Response Team which is also called UCIRT, which is accountable for initiating the Incident Response Strategy. The objective of UCIRT is to offer an immediate, effective, and competent response to any incident with information protection significances (i.e., adversely affecting the privacy, reliability, or accessibility to School systems or data) and also expected to follow the Incident Response strategy or technique and is approved to take appropriate steps to contain and remediate an incident.
Works Cited
Brown.edu. "Computing Incident Response Team (CIRT) Policy." Brown University. CIS - Brown University, n.d. Web. 27 Apr. 2013.
ENISA. "Presentations to Management." Good Practice Guide for Incident Management (2010): n. pag. Print.
Yale.edu. "Yale University IT Security Incident Response." Yale University. Yale University, 17 Aug. 2010. Web. 27 Apr. 2013.