8.2.2 Incident Response Plan

Policy TrackingDate
ApprovedFebruary 8, 2024

The CIO shall establish and maintain an Incident Response Plan. The purpose of the incident response plan is to define the process, roles, and responsibilities of College in the investigation and response to information security incidents that threaten the confidentiality, integrity, and availability of College information resources.

The College Incident Response plan shall include:

  • Definitions of key information security terms

  • Roles and Responsibilities

  • Incident identification

  • Reporting requirements

  • Criteria to categorize the severity of an incident

  • Procedures to investigate incidents and eliminate threats

  • Recovery and remediation

The College’s incident response plan is hosted in a secure system that is not publicly accessible.

Blue Ridge Community College Policies and Procedures Manual