8.2.2 Incident Response Plan
| Policy Tracking | Date |
|---|---|
| Approved | February 8, 2024 |
| Revised | |
| Reviewed |
The CIO shall establish and maintain an Incident Response Plan. The purpose of the incident response plan is to define the process, roles, and responsibilities of College in the investigation and response to information security incidents that threaten the confidentiality, integrity, and availability of College information resources.
The College Incident Response plan shall include:
Definitions of key information security terms
Roles and Responsibilities
Incident identification
Reporting requirements
Criteria to categorize the severity of an incident
Procedures to investigate incidents and eliminate threats
Recovery and remediation
The College’s incident response plan is hosted in a secure system that is not publicly accessible.
Blue Ridge Community College Policies and Procedures Manual