IR-4: Incident Handling
NIST Baseline: Low
Privacy Baseline: Yes
DIR Required By: 07/20/2023
Review Date: 07/10/2024
- Information resource owners and custodians, in coordination with the Tarleton State University (Tarleton) Chief Information Security Officer (CISO), shall ensure that documented incident handling procedures are developed within each unit that addresses:
- Implementing an incident handling capability for incidents consistent with the incident response plan and includes preparation, detection and analysis, containment, eradication, and recovery.
- Coordinating incident handling activities with information system recovery and reconstitution planning activities with both internal and external incident response providers, as applicable; and;
- Incorporates lessons learned from ongoing incident handling activities into incident response procedures, training, and testing/exercises, and implements the resulting changes accordingly.
- The Tarleton CISO, or their designee, will coordinate the information security handling capabilities for Tarleton.