Please report any problems to the Shared Tools Team at    Broken Links? Missing Macros? WIKI Retiring Plugins
Child pages
  • Incident Resp Meeting 2018-05-14
Skip to end of metadata
Go to start of metadata

Mon, May 14, 2018, 3:00-4:00, Rm 2147

Wiki page: Resp/
Box folder:

Attending: _x_ Gary De Clute, _x_ Dave De Coster, _x_ Will May, _x_ Allen Monette, _x_ Jeff Savoy, _x_ Jim Younger.


  1. Agenda Review

    • OK.

  2. Subcommittee Description
    Handout: Description (3/26 version) 

    • OK.

  3. Work Plan
    • Initiate Subcommittee. DONE.
    • Late May-Jun, Table Top Exercise (details TBD).
    • Early Jul, How to apply lessions learned in the TTE to the policy and procedures.
      Deliver preliminary recommendations to PAT EC at the May 18 meeting.
    • Eary Aug Refine recommendations
    • Late Sep Refine recommendations

      Deliver final version of recommendations to PAT EC at the Oct 19 meeting.

    • OK.
    • Would be helpful if the table top exercise occurs before the last two weeks in Jun.
  4. Meeting Schedule

    • OK.
    • Gary will schedule the next subcommittee meeting once the date of the table top exercise is known.
  5. Current Policies and Procedures
    1. UW System Administrative Procedure 1033, Information Security: Incident Response.
    2. UW-Madison Incident Reporting and Response Policy | Procedures | Template | Flowchart.
    3. UW-Madison Internal procedures (4/15 version, printed).
    4.  Comparison of UW System Policy and UW-Madison policy and procedures. (04/15 version)
    5. UW-Madison supporting documents: Help Desk search for: "security incident" | Help Desk search for: "security report" | IT.WISC.EDU search for: "security report"

    • Please the Incident Response Issues List on the team's private box folder (team members and collaborators only.)
    • Please review the UW System procedure (a) and the UW-Madison policy and procedures (b and c) and the comparison (d) before the next meeting.
    • If you wish, you could take a quick look at the other supporting documents (e) just to see about where we are implementation-wise.

  6. For next meeting
    • Discuss lessions learned during the table top exercise, and how they be applied to the UW-Madison policy and procedures.

Ground Rules

  1. Everyone must be treated respectfully, whether present or not.
  2. Everyone present who wants to speak on a topic must have a chance to speak.
  3. Attend more often than not, and review materials when you can't attend.
  4. Don't be shy, or worry about perception of an idea - we need open borders for these discussions.
  5. Let's park side issues or extensive detail for future work by this team, or others.

Future Agenda Items

  • Differences between UW System and UW-Madison documents.
  • Compensating Controls and preliminary recommendations
  • Discuss recommendations for the policy, standard, and supportion procedures
  • Interim Recommendations (if needed)
  • Final Recommendations

Future Meetings

Team Members

Gary De Clute (faciitator)IT PolicyDave De CosterEngineeringWill MayiSchool
Allen Monette (chair).CybersecurityJeff SavoyCybersecurityJim YoungerSLH

  • No labels