The purpose of this policy is to provide the framework in which information security incidents will be handled.

Policy Statement

The purpose of this policy is to provide the framework in which information security incidents will be handled.

Reason for Policy

This policy governs the actions required for reporting or responding to security incidents involving Adelphi information and/or information technology resources to ensure effective and consistent reporting and handling of such events.

Who Is Governed by this Policy

All end-user and application management accounts on computerized information systems operated by or on behalf of Adelphi University.

Policy

  1. Information security incidents will be handled by a team that is directed by the Information Security Officer. In order to stay aligned with global best practices, the team will be referenced as Adelphi University Computer Security Incident Response Team (Adelphi-CSIRT).
  2. Incidents must be explicitly declared by the Information Security Officer and will be documented appropriately.
  3. All contacts with members of the press must be channeled through the Director of Media Affairs.

Enforcement

Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.

Deviation From This Policy

Deviation from this policy is allowed after approval by the Chief Information Officer.

Definitions

This policy does not have definitions associated with it at this time. Upon periodic policy review this area will be evaluated to determine if additional information is needed to supplement the policy.

Forms

This policy does not have forms associated with it at this time. Upon periodic policy review this area will be evaluated to determine if additional information is needed to supplement the policy.

Related Information

This policy does not have related information at this time. Upon periodic policy review this area will be evaluated to determine if additional information is needed to supplement the policy.

Document History

  • Last Reviewed Date: March 30, 2023
  • Last Revised Date: September 01, 2017
  • Policy Origination Date: October 7, 2009

Who Approved This Policy

Carol Ann Boyle, Chief Information Officer

Policy Owner

Secondary Contacts

Search Menu