Skip to Content

University Technology Services


Banner Image

Information Technology Security

Incident Response

Incident response is the process of dealing with a security incident with the goal of limiting the amount of damage an attacker can do.

When does incident response occur?

In accordance with University IT Policy 3.00, the University Information Security Office is responsible for coordinating and investigating information security incidents.  A security incident has occurred anytime there has been unwanted activity that may affect the confidentiality, integrity, or availability of an IT system, including unauthorized access to systems.

During the incident response process, the university follows the industry standard processes of preparation, identification, containment, eradication, recovery, and lessons learned.


The Incident Response Procedure

The documents linked below illustrate the university-wide Information Security Incident Response Procedure.  Sub-procedures within the overall process are maintained with the respective organizational units.