-
Research
and Publications
Current Issue
May/June 2013
EDUCAUSE ReviewPublications
-
Conferences
and Events
Annual Conference
October 15–18, 2013
Register now!Events for all Levels and Interests
Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.
-
Career
Development
EDUCAUSE Institute
Leadership/Management Programs
Explore MoreCareer Center
Leadership and Management Programs
EDUCAUSE Institute
Advanced Programs
Project Management
Jump Start Your Career Growth
Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.
-
Focus Areas
and InitiativesLatest Topics
EDUCAUSE organizes its efforts around three IT Focus Areas
Join These Programs If Your Focus Is
-
Connect
and ContributeFind Others
Get on the Higher Ed IT Map
Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
-
About
EDUCAUSE
Incident Management and Response Checklist
Incident Management and Response Checklist
Rather than waiting for a data breach to happen, consider using an incident checklist to establish a campus incident response team, review your institution's readiness, and develop (or adjust) your incident management and response roadmap. In a recent Security listserv discussion, one campus was seeking an incident response decision tree or process flow to help determine when it's appropriate to perform forensic analysis of a compromised machine that accesses or stores sensitive data.
The Sensitive Data Exposure Incident Checklist developed by the Higher Education Information Security Council (HEISC) is intended to provide a general checklist of the steps that an institution might take when an incident involving sensitive data is discovered. Each item is recommended as an effective practice, but campuses are encouraged to use this checklist as a template and adjust the steps and tasks to meet your institution's needs in terms of state and local legal requirements, institutional policies, or campus culture. A sample workflow diagram is also provided since there is often the potential for multitasking incident steps and sub-steps. Institutions should plan to review their incident response plan or procedures on a regular basis.
For campuses that have already implemented and fine-tuned an incident response plan, we encourage you to review the University of Massachusetts Amherst's Data Security Incidents: Prevention & Response Procedures website, which references a Data Protection Action Plan and provides quick links to information by audience, topic, or keyword. Response procedures include options for faculty and staff or IT administrators, types of data security incidents, how to prevent data security incidents, as well as consequences of mishandling data security incidents.
Also check out NYU's IT Security Information Breach Notification Procedure page, which includes two flow charts that cover 1) general incident response procedures followed by the incident handler and 2) procedures for a Critical Incident Responder if the breach includes restricted data (including protected health information).
Latest Posts
Popular Topics
Recommend
