IR-4: Incident Handling

NIST Baseline:  Low 

Privacy Baseline:  Yes 

DIR Required By:  07/20/2023 

Review Date:  07/10/2024 

  • Information resource owners and custodians, in coordination with the Tarleton State University (Tarleton) Chief Information Security Officer (CISO), shall ensure that documented incident handling procedures are developed within each unit that addresses: 
    • Implementing an incident handling capability for incidents consistent with the incident response plan and includes preparation, detection and analysis, containment, eradication, and recovery. 
    • Coordinating incident handling activities with information system recovery and reconstitution planning activities with both internal and external incident response providers, as applicable; and; 
    • Incorporates lessons learned from ongoing incident handling activities into incident response procedures, training, and testing/exercises, and implements the resulting changes accordingly. 
  • The Tarleton CISO, or their designee, will coordinate the information security handling capabilities for Tarleton.  

References/Additional Resources

1 TAC § 202.23(b)  

1 TAC § 202.73(b)  

Section 512.053, Business and Commerce Code