CSU, Chico has a documented incident response plan that includes processes for investigating, responding to, reporting, and recovering from incidents involving loss, damage, misuse of information assets, or improper dissemination of critical or protected information, regardless of the medium in which the breached information is held (e.g. paper, electronic, oral).
All suspected security incidents must be reported to the Information Security Officer. In the event of a security incident, the following actions may be taken:
- Blocking access to the affected computing system
- Notifying the appropriate Data Authorities, Administrator/College Dean, or Department Chair
- Assessing the nature of the breach, including a description of the incident, the response process, the notification process, and the actions taken to prevent further breaches of security
- Consulting with University Counsel as appropriate