Legal Seminar, Denver, CO
Identification, Scoping & Communications
What is an Incident?
Classification
• Actually or potentially jeopardizes confidentiality, integrity or availability of information or information systems; financial, legal, reputational, operational impacts
• Low – 0‐5 users; non‐production systems; publicly available info; solution available; no external impact; no PII/PHI/confidential info
• Medium – 6‐20 users/VIP; internal systems; internal use information; possible PII/PHI; weak solutions; possible external impact
• High – 20+ users/entire system/VIPs; external systems; definite PII/PHI; no solutions; definite external impact
• Can change over time; based on holistic analysis of all characteristics
Notification/Communications
• Board notification (Executive Committee; SRR Board; CSBSEF Board)
  – Low Severity – reported on quarterly basis
  – Medium – within 12 hours of declaration
  – High – within 4 hours of declaration
  – Always before notification to any other party (CFPB; FBI)