Incident Management

Introduction

Catalyst should track incidents in our environment so that similar events can be prevented in the future.

Scope

This policy will cover incidents in the production environment including infrastructure, customer data, and security incidents.

An incident shall be deemed a Security Incident by the SCC if the potential exists for it to compromise Catalyst’s policies, brand, and/or integrity. Any malicious action or incident known to the SCCe will be considered a Security Incident.

An incident shall be deemed an Infrastructure Incident if the production environment experiences unplanned downtime or suffers degradation in a way that disrupts service.

An incident shall be deemed a Customer Data Incident if there is a non-reversible, unintentional, alteration (including deletion or loss) of customer data.

Roles

Operators are responsible for incident handling and initiating change requests for resolution where appropriate.

Business Owners are responsible for approving changes that result from incidents or retroactively approving emergency changes.

Policy

Incidents will be identified in a number of ways including but not limited to: alerts, customer reports, staff interactions with the product, etc. All relevant incidents will be documented and classified. When appropriate, Catalyst will communicate to stakeholders and customers. If there is a Customer Data Incident, Catalyst will always be in direct communication with the customer.

Compliance

Department Directors are responsible for the regular oversight of their department’s incident documentation.

Violations of the policy will be met with corrective action and carry the possibility of disciplinary action up to, and including, termination.

Exceptions

Exceptions are only expected for sensitive information within a Security Incident. Security Incident exceptions should be documented and approved by the Security Committee.

Colophon

Owner: Security and Compliance Committee

$Date: 2018-12-13 12:44:26 -0700 (Thu, 13 Dec 2018) $

$Revision: 472630 $

results matching ""

    No results matching ""