Information Security Incident Handling Policy

The purpose of this policy is to provide the framework in which information security incidents will be handled.

Policy Statement

The purpose of this policy is to provide the framework in which information security incidents will be handled.

Reason for Policy

This policy governs the actions required for reporting or responding to security incidents involving Adelphi information and/or information technology resources to ensure effective and consistent reporting and handling of such events.

Who Is Governed by this Policy

All end-user and application management accounts on computerized information systems operated by or on behalf of Adelphi University.

Policy

Information security incidents will be handled by a team that is directed by the Information Security Officer. In order to stay aligned with global best practices, the team will be referenced as Adelphi University Computer Security Incident Response Team (Adelphi-CSIRT).
Incidents must be explicitly declared by the Information Security Officer and will be documented appropriately.
All contacts with members of the press must be channeled through the Director of Media Affairs.

Enforcement

Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.

Deviation From This Policy

Deviation from this policy is allowed after approval by the Chief Information Officer.

Definitions

This policy does not have definitions associated with it at this time. Upon periodic policy review this area will be evaluated to determine if additional information is needed to supplement the policy.

Forms

This policy does not have forms associated with it at this time. Upon periodic policy review this area will be evaluated to determine if additional information is needed to supplement the policy.

Related Information

This policy does not have related information at this time. Upon periodic policy review this area will be evaluated to determine if additional information is needed to supplement the policy.

Document History

Last Reviewed Date: March 30, 2023
Last Revised Date: September 01, 2017
Policy Origination Date: October 7, 2009

Who Approved This Policy

Carol Ann Boyle, Chief Information Officer

Policy Owner

Kees Leune

PhD

Associate Professor, Chair

Mathematics and Computer Science, College of Arts and Sciences

Information Security Officer

Information Security, Information Technology
Contact

leune@adelphi.edu

516.877.8178

516.877.4499

Science Building 414

Secondary Contacts

Carol Ann Boyle (She/Her)

MBA

Chief Information Officer

Information Technology
Contact

boyle@adelphi.edu

516.877.3775

516.877.3038

Hagedorn Hall of Enterprise B22