Catalyst should track incidents in our environment so that similar events can be prevented in the future.
An incident shall be deemed a Security Incident by the SCC if the potential exists for it to compromise Catalyst’s policies, brand, and/or integrity. Any malicious action or incident known to the SCCe will be considered a Security Incident.
Operators are responsible for incident handling and initiating change requests for resolution where appropriate.
Business Owners are responsible for approving changes that result from incidents or retroactively approving emergency changes.
Incidents will be identified in a number of ways including but not limited to: alerts, customer reports, staff interactions with the product, etc. All relevant incidents will be documented and classified. When appropriate, Catalyst will communicate to stakeholders and customers. If there is a Customer Data Incident, Catalyst will always be in direct communication with the customer.
Department Directors are responsible for the regular oversight of their department’s incident documentation.
Violations of the policy will be met with corrective action and carry the possibility of disciplinary action up to, and including, termination.
Owner: Security and Compliance Committee
$Date: 2018-12-13 12:44:26 -0700 (Thu, 13 Dec 2018) $
$Revision: 472630 $