UMGC Policy X-1.06 UMGC Policy on Information Security Incident Response

Policy Category: X. Information Governance, Security & Technology
Policy Owner: Chief Transformation Officer
Version Effective Date: March 27, 2023
Review Cycle: Every 4 years
Last Reviewed: Jan. 28 2025
Policy Contact: IT Service Desk
  1. Purpose
    The purpose of this Policy is to ensure that the University is prepared to respond to Information Security Incidents, to protect University Information Systems and Information, and to prevent disruption of University Information Resources by providing the required management for Incident handling, reporting, and monitoring.
  2. Scope and Applicability
    This Policy and its supporting standards and procedures apply to all Users who use or have access to UMGC Information Systems and Information Resources.
  3. Definitions
    Defined terms are capitalized throughout this Policy and can be found in the Information Governance Glossary.
  4. Security Incident Response
    1. Under the direction of the Sr. Director, Information Security, a Computer Incident Response Team (CIRT) shall be established to ensure appropriate response to Security Incidents. The CIRT shall consist of Employees and Contractors with the technical, administrative, and communication skills required to facilitate a prompt and thorough mitigation and remediation response to Security Incidents.
    2. An Information Security Incident response plan shall be developed and implemented that:
      1. Provides a well-defined, organized approach for responding to critical Security Incidents affecting University Information Resources and Information Systems.
      2. Describes the structure, roles, and responsibilities of the incident response capability.
      3. Identifies management and key personnel and ensures they are notified of Information Security Incidents as required.
      4. Defines reportable Incidents.
      5. Defines Severity Classifications for Information Security Incidents (High, Moderate, Low).
    3. Upon notification of a Security Incident, the Sr. Director, Information Security (or designee) will carry out an initial investigation and make the decision whether to activate the CIRT.
    4. The Information Security Incident response plan and procedures shall be reviewed at least annually to address system/organizational changes or problems encountered during implementation, execution, or testing.
    5. Handling of all Information Security Incidents shall be documented in the Information Security Incident response plan, and all technology-specific remediation processes shall be documented in a procedures document.
    6. All operational units and other related University Employees and Contractors are required to provide the CIRT with any assistance requested for purposes of investigation, remediation, and reporting of an Incident.
    7. Continuous monitoring must be deployed and prepared to provide operational visibility and managed change control in support of Incident response duties.
  5. Incident Reporting
    Any User who suspects or becomes aware of an Information Security Incident involving University information, Information Resources or Information Systems should contact the UMGC technical support service desk as soon as possible by calling 1-888-360-8682, emailing servicedesk@umgc.edu, or contacting UMGC Information Security.
  6. Exceptions
    Exceptions to this policy must be submitted to UMGC Information Security for review and approval.
  7. Enforcement
    1. Any Faculty, Staff, Contractor, or third party performing duties on behalf of the University with knowledge of an alleged violation of this Policy shall notify Information Security as soon as practicable.
    2. Information System Stewards, in consultation with the Office of Human Resources, may instruct Access Account Managers or other appropriate personnel to confiscate, temporarily suspend, or terminate Users' access to Information Resources while investigating an alleged violation of this Policy.
    3. Any Employee, Contractor, or other third party performing duties on behalf of the University who violates this Policy may be denied access to Information Resources and may be subject to disciplinary action, up to and including termination of employment or contract.
  8. Standards Referenced
    1. Most recent versions
      1. USM IT Security Standards
      2. NIST SP 800-171 “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations”
      3. Cybersecurity Maturity Model Certification (CMMC)
  9. Related Policies
    1. UMGC Policy X-1.02 Data Classification
    2. UMGC Policy X-1.04 Information Security
    3. UMGC Policy X-1.12 Acceptable Use
    4. UMGC Policy X-1.19A Account Management (UMGC Learner Community)
    5. UMGC Policy X-1.19B Account Management (UMGC Workforce)