IR-5 Incident Monitoring
Description
Documenting information system security incidents includes, for example:
- maintaining records about each incident,
- the status of the incident, and
- other pertinent information necessary for forensics, evaluating incident details, trends, and handling.
Incident information can be obtained from a variety of sources including, for example:
- incident reports,
- incident response teams,
- audit monitoring,
- network monitoring,
- physical access monitoring, and
- user/administrator reports.
Applicability
This Control applies to all information resource owners and custodians, and third parties who are responsible for TAMU-CC University information resources.
The intended audience is all individuals who are responsible for the installation of new information resources or the operation of existing information resources, and individuals charged with information resources security.
Common events such as malware or other events that are detected, mitigated, and resources restored within a reasonable amount of time with locally available unit resources are not included in these procedures.
Implementation
TAMU-CC tracks and documents information system security incidents on an ongoing basis. All users shall report all suspected information security incidents to the Service Desk.
Revision History
Last Updated: February 21, 2025
Previous Versions:
- June 29, 2023
- May 31, 2022
- March 25, 2021
- September 16, 2019