Incident Response and Management. Protect the organization’s information, including personal data, as well as its reputation, by developing and implementing an incident response infrastructure (e.g., plans, defined roles, training, communications, management oversight, retainers, and insurance) for quickly discovering an attack and then effectively containing the damage, eradicating the attacker's presence, and restoring the integrity of the organization’s network and systems.
Incident Response and Management. Where possible, partners will take immediate reasonable steps locally to contain any information incident impact that has arisen to support the overall management effort. Wiltshire Council’s Data Controller and Information Governance Lead will work in conjunction with partner organisations Information Governance Leads and Wiltshire Council Head of IT, as necessary, to co-ordinate the initial response to any information security incident from Single View. An initial assessment of the incident will be made to determine a management plan for the incident, including o Identification of members for incident response ‘team’; o Risk Assessment o Containment and recovery actions o Escalation / Notification to stakeholder parties of incident proportionate to the severity and risk of the incident o Mobilisation of any necessary incident response ‘team’. The Incident Management Plan will be a bespoke response to the security incident and shall in addition to the above considerations include an assessment of whether there needs to be an investigation on a criminal basis. This will be documented as a record of actions taken and will be updated as effectiveness of actions are completed and evaluated. The record will be a source for post-incident written reports and recommendations of any remedial action for policy or process improvement. Staff from all Single View partner organisations will be expected to provide relevant information to assist with any investigation that may follow a reported information security incident: in some instances they may be required to lead and undertake aspects of the investigation. Where a crime is suspected, then it should be reported to the Police and any investigative action undertaken must not compromise formal investigative procedures. Staff disciplinary investigations will be undertaken in relation to information security incidents where necessary and these investigations will involve HR and Legal services of affected partner organisations as appropriate. Communications protocols and a coordinated communications plan for the security incident will be put in place resulting from collaboration between stakeholders, for example business partners, third parties, police, media and communications support. Following risk assessment, significant information security incidents will be reported to the Information Commissioners Office. If the information security incident compromises health data a report will also be submitted to HSCIC using th...
Incident Response and Management a. Process to Detect a Security Related Incident. Each Party shall define and maintain a process to monitor and detect unauthorized access to, misuse or misappropriation of or fraudulent activity involving, Covered Information of the other Party by any personnel, temporary staff and third parties (e.g., subcontractor or outsourced service provider) of such Party that it uses to perform any of the obligations to be performed by such Party under the Program (a “Security Related Incident”).
Incident Response and Management. The Processor will implement and maintain a comprehensive incident response and management process designed to address and manage actions required by Processor as a result of a cyber attack or network security breach. Access Control Processor will maintain appropriate access controls, including, but not limited to, restricting access to Personal Data to the minimum number of Processor personnel who require such access. Only authorized staff can grant, modify or revoke access to an information system that uses or houses Personal Data. Processor will maintain an audit log. User administration procedures define user roles and their privileges, and how access is granted, changed and terminated; address appropriate segregation of duties; and define the logging/monitoring requirements and mechanisms. All employees of the Processor are assigned unique User IDs. Access rights are implemented adhering to the “principle of least privilege.” Processor will implement commercially reasonable physical and electronic security to create and protect passwords. ON Semiconductor will establish security procedures to prevent Personal Data Processing systems from being used accidentally or without authorization, such as through logical access controls.
Incident Response and Management. The Lender Information Risk Management Computer Incident Response Team ("CIRT") will be promptly notified by DealerTrack or its security designee when either DealerTrack or its security designee knows that a Security Event related to Lender's Customer Information at DealerTrack's site has occurred. DealerTrack will provide Lender with access, at DealerTrack's facility, to the hard, unaltered data and logs of the activity within seventy-two (72) hours of request from CIRT, subject to Lender's obligations with respect to confidentiality and reasonableness set forth in Section 23(a)(ii) above. Notwithstanding anything else to the contrary, this access to hard, unaltered data and logs shall not constitute or be deemed one of the two permitted audits set forth in Section 23(a)(ii) above.
Incident Response and Management
