Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 4.0

Previous Meeting | Next Meeting

Information Incident Reporting Policy Stakeholder Team (IReport PST)

Thursday Nov 13, 2008, 11:00-12:00 Rm 3139C CS

Notes

  1. Agenda review. (All) OK

  2. Discuss reaction to presentation at the forum. (All)
    • Observations: Main message received was the question of what incidents should be reported. Several people advocated for a broader reporting requirement.
    • Action: Addressed during item 5 of the agenda.

  3. Future joint meetings with IEncrypt team to work on PSIFramework?
    Proposed two joint meetings in January, then get input at February forum, followed by one joint meeting to incorporate the results, then a final joint meeting to submit the recommendations to the CIO. Action: OK. See Future Meetings below.

  4. Discuss agenda of the Nov 20th meeting. (All)
    Handout: Tentative Agenda. See https://wiki.doit.wisc.edu/confluence/display/POLICY/IReport+Meeting+2008-11-20
    Action: See updated version of the meeting aganda. (Same link as above.)

  5. Review / comment on the changes to the IReport recommendations document (All)
    Handout: IReport Recommendations. See: https://wiki.doit.wisc.edu/confluence/display/POLICY/IReport+Recommendations
    Action:
    • Added text to clarify the scope of what must be reported and what may voluntarily be reported. Did not want to mandate reporting of incidents beyond those involving sensitive information because of the very heavy load this would place on OCIS, (there are hundreds of "incidents" per day!)
    • Modified Information Incident Response Flowchart. Added step 0, end user observes suspicious activity or events. Modified step 1, end user contacts local IT staff or DoIT Help Desk. (Also updated Information Incident Response Template accordingly.) Added a reference on the flowchart to the template. Suggestion was made that during implementation the flowchart should be "live" on the web so folks can click on it see what the template has for that step.
    • Removed example from compliance recommendation.
    • Clarified throughout the document that DoIT Help Desk can be contacted if no local IT staff are available. Jeff will contact DoIT Help Desk to let them know we are recommending this role for them.
    • Clarified that end users have fulfulled their responsibility to report if they have contacted local IT staff or the DoIT Help Desk.
    • Clarified that IT staff have fulfilled their responsibility to report if they have made a good faith determination that the incident does not need to be reported or if they have reported it. (GWD also added while updating the document: ...or if they have escalated the decision to make a timely report to their supervisor or other appropriate management.)
    • All changes are visible by "track changes" in the 11/13 version.

  6. Other?

Future meetings:

Attachments

Attachments

See also: IReport Recommendations

Previous Meeting | Next Meeting

Contact