Abstract
This presentation provides preliminary findings from the first phase of the Computer Incident Factor Analysis and Categorization (CIFAC) project, exploring the relationship between job responsibilities and perceptions of incident seriousness, variables affecting perceptions, and incident categorization. A categorization model and its application to university IT security specialists will be presented.