Standard for Managing Information Security Incidents

I. Purpose

The purpose of this standard is to establish the university’s obligation to ensure a consistent and effective approach to the management of information security incidents.

II. Scope

This standard is applicable to UNC Charlotte faculty, staff, students and all authorized users granted use of university information resources. Every authorized user of university information resources has a responsibility toward the protection of those resources.

III. Contacts

Direct any general questions about this standard to your unit’s Information Security Liaison. If you have specific questions, please contact OneIT Information Security Compliance at ISCompliance-group@uncc.edu.

IV. Information Security Incidents

An information security incident is defined as an attempted or successful unauthorized access, use, disclosure, modification or destruction of information; interference with information technology operation; or violation of acceptable use policies. A security incident may include any of the following:

1. a breach, attempted breach or other unauthorized access of a university information resource originating from within the university network or an outside entity
2. an exposure of sensitive or confidential non-public information
3. an intentional disruption or attack impacting university information resources
4. a loss or theft of a university information system asset

V. Standard

Information security incidents should be reported through appropriate channels as quickly as possible. Established procedures should ensure a quick and effective response to all reported information security incidents.

UNC Charlotte faculty, staff, students and all authorized users granted use of university information resources must notify OneIT immediately of any suspected or real information security incident. If it is unclear as to whether a situation should be considered an information security incident, OneIT should be contacted to evaluate the situation.

The UNC Charlotte Guideline for Reporting Information Security Incidents provides additional information regarding the steps to follow to report a potential or real information security incident.

Related Resources

• University Policy 311 Information Security
• Guideline for Reporting Information Security Incidents
• ISO/IEC 27002

ISO/IEC 27002 was adopted by The University of North Carolina at Charlotte in 2012. All standards and guidelines are based on this code of practice for Information Security Management.

Revision History

Initially approved by Information Assurance Committee 12/18/14
Updated 11/04/21