SI-5 Security Alerts, Advisories, and Directives
Description
The University receives information security alerts/advisories on a regular basis, issues alerts/advisories to appropriate units or personnel, and takes appropriate actions in response.
Applicability
- Security alerts, advisories, and directives are the responsibility of the Chief Information Security Officer.
Implementation
- The Chief Information Security Officer, or designee, is responsible for:
- 1 - Receiving IT security alerts and advisories from established information security resources (both internal and external sources);
- 2 - Identifying and evaluating alerts and advisories for reporting security threats that may impact the University;
- 3 - Communicating internal security alerts, advisories, and directives as deemed necessary;
- 4 - Determining required response activities with established time frames that shall be specified in a directive to units; and
- 5 - Ensuring appropriate action, as specified in a directive, is completed by unit IT staff in response to a directive.