Incident Response & Reporting
Security and Privacy incidents need to be reported promptly to allow the issue to be investigated, contained, and resolved.
Timely and accurate information is essential to ensure information owners, custodians, security and privacy officers are well informed. Further, incident reporting helps to reduce the risk of reoccurrence.
CAC staff or any of its clients must report an event which has caused or has the potential to cause damage to CAC’s assets, damage to the CAC’s reputation, or if information has been transferred to someone who is not entitled to receive it.
Incidents include but are not limited to the following:
- the loss or theft of data or information;
- the transfer of sensitive or confidential information to those who are not entitled to receive that information;
- attempts (either failed or successful) to gain unauthorized access to data or information storage or a computer system;
- changes to information or data or system hardware, firmware, or software characteristics without knowledge, instruction, or consent;
- unwanted disruption or denial of service to a system;
- the unauthorized use of a system by any person.
Additional Actions May Be Required
Depending on the nature and the severity of the event the CAC Security Team may need to notify any/all of the following:
- Client and end users of the systems
- Data owners and custodians
- Queen’s University Security Officer
- Queen’s University Privacy Officer
