10.6 Incidents and Violations

10.6 Incidents and Violations

Copyright(c), 1995 - Management Analytics - All Rights Reserved


All DOC organizations will establish and implement a process and procedures to minimize the risk associated with violations of IT security, to ensure timely detection and reporting of actual or suspected incidents or violations.

An IT security incident is any event, suspected event, or vulnerability that could pose a threat to the integrity, availability, or confidentiality of DOC's systems, applications or data. Incidents may result in the possession of unauthorized knowledge, the wrongful disclosure of information, the unauthorized alteration or destruction of data or systems and violation of federal or state laws.

If such violations are detected or suspected, they are to be reported immediately to the DOC IT Security Manager through the operating unit ITSO. Section 6 of the "DOC IT Security Manual contains specific information concerning the reporting requirements for IT security violations.

10.6.1 Malicious Software

All DOC organizations will establish and implement a process and procedures to minimize the risk of introducing viruses and other malicious software, to ensure timely detection of viral infections, to provide procedures for eliminating viral infections from the Department's inventory of microcomputers (PCs), and to provide procedures to minimize the risk from malicious programs to larger systems, or systems where virus detection software is not yet available.

If such violations are detected or suspected, they are to be reported immediately to the DOC IT Security Manager through the operating unit ITSO. Information concerning the malicious software protection procedures and reporting requirements are contained in Section 6.1 of the "DOC IT Security Manual."