Incident Management

This document describes the requirements for dealing with computer security incidents. Security incidents include, but are not restricted to: malicious code detection; unauthorized use of computer accounts and computer systems; theft of computer equipment or theft of information; accidental or malicious disruption or denial of service attacks.

This procedure applies to all University information resources. The purpose of this procedure is to provide a set of measures that will mitigate information security risks associated with Incident Management. The intended audience is Information Security Administrators, Deans, and Department Heads.

• Information Resources (IR): the procedures, equipment, and software that are designed, employed, operated, and maintained to collect, record, process, store, retrieve, display, and transmit information or data.
• SIRS Security Incident Reporting: an electronic system for reporting (after the fact, after action) incidents in compliance with Texas Department of Information Resources (DIR) regulations.
  

Users should report any security potential information to Information Technology Services. Information Technology Services will assess the situation and report the incident to the University Police Department and to the Texas Department of Information Resources.