Incident Response and Reporting
Security and Privacy incidents need to be reported promptly to allow the issue to be investigated, contained, and resolved. Timely and accurate information is essential to ensure information owners, custodians, security and privacy officers are well informed. Further, incident reporting helps to reduce the risk of reoccurence.
CAC staff or any of its clients must report an event which has caused or has the potential to cause damage to CAC’s assets, damage to the CAC’s reputation, or if information has been transferred to someone who is not entitled to receive it.
Incidents include but not limited to the following:
- the loss or theft of data or information;
- the transfer of sensitive or confidential information to those who are not entitlted to receive that information;
- attempts (either failed or successful) to gain unauthorized access to data or information storage or a computer system;
- changes to information or data or system hardware, firmware, or software characteristics without knowledge, instruction, or consent;
- unwanted disruption or denial of service to a system;
- the unauthorized use of a system by any person.
On discovery of security and/or privacy incident, please download and complete the form below, providing as much detail as possible. Once we receive your submission, the CAC Security Response Team will promptly begin an investigation.
