1.02 Security Incident Response

I. Purpose

The purpose of the Security Incident Response security policy is to mitigate risks from computer security incidents by establishing a repeatable process following industry standards. Preventive activities based on the results of risk assessments can lower the number of incidents, but not all incidents can be prevented. An incident response capability is therefore necessary for rapidly detecting incidents, minimizing loss and destruction, mitigating the weaknesses that were exploited, and restoring IT services.

II. Description

Bradley University will follow industry standards by having a Security Incident Response Team that follows the Security Incident Response Procedures.

III. Scope

This policy pertains to all devices, physical storage, and cloud storage containing Bradley University data.