Example Incident Report

Your Data Security Incident Response Policy should include a reference to your Incident Response Plan or Procedure which should require that an Incident Report be completed for each security incident. An incident report example can be found at the California Department of Finance page here.

This is a very thorough report that requires you to fill in information on topics like:

Date and Time Incident Occurred
Description of Incident
Estimated Cost of Incident
Corrective Actions Taken to Prevent Future Occurances
Estimated Costs of Corrective Actions
Have Those Responsible for the Incident Been Identified?
If So, How Many Individuals Were Involved?
Will Criminal Charges Be Filed?

Check it out here.

Tagged as: Data Security Policy, Incident Response Policy, Information Security Policy, Security Policies

Leave a Comment

{ 1 trackback }

laptop screenpo

Previous post: Acceptable Use Policy

Next post: Best Practices for Security Incident Response

Recent Data Breaches
- Update: UnitedHealthcare notifies Medicare members of data breach; company says 68 people in Missouri affected
  An employee access records in an unauthorized manner, according to the company. UnitedHealthcare is advising people in Missouri that have enrolled in its Medicare plans to a data breach by a now-former employee that has affected a reported 68 people across the state of Missouri. […]
- EFA demands data breach disclosures
  Electronic Frontiers Australia is calling for organisations to be required to notify data breaches where personal details of individuals are compromised. Its board has voted unanimously to support the implementation of mandatory data breach notification regulations. EFA board member, Karen Higgins, said: "It is outrageous that an organisation can have a […]
- Multiple 'mistakes' led to massive health data breach, director says
  New details of what went wrong in a costly health information data breach emerged Wednesday. […]
- McEntee: After data breach, I’ll long be looking over my shoulder
  McEntee: After data breach, I’ll long be looking over my shoulder By peg mcentee Tribune Columnist Published May 17, 2012 08:00AM MDT A couple of weeks ago, I returned home from vacation to learn my personal health information had been hacked. So I signed up for the free credit monitoring that lasts a year. On Monday, not having heard about my Social Securit […]
- Utah CTO takes fall for data breach
  Computerworld - The executive director of Utah's Department of Technology Services has resigned over a data breach two months ago that exposed the Social Security numbers and other personal data of about 280,000 Medicaid recipients. […]
- Utah Government Fires Tech Director After Data Breach on Medicaid Server
  May 16, 2012 -- Utah state technology director Stephen Fletcher resigned on Tuesday in the wake of a massive healthcare data breach that exposed personal information of about 780,000 people. […]
- Data breach
  Gov. Gary Herbert has fired the state’s top computer nerd in the wake of the Medicaid data breach. […]
- Utah guv fires tech director over health data breach, creates security czar
  Utah guv fires tech director over health data breach, creates security czar By heather may The Salt Lake Tribune Published May 15, 2012 06:10PM MDT Gov. Gary Herbert apologized to the 780,000 victims of the health data security breach on Tuesday. To restore the public’s trust, he announced Tuesday that he fired Department of Technology Services director Step […]
- Application Security, Inc. Pledges One Million Dollars Of Database Security Software To Help Enterprises Battle Data ...
  In an effort to help organizations defend against the ongoing data breach epidemic, Application Security, Inc. , the leading provider of database security solutions for the enterprise, today announced that it will give away up to one million dollars of database security software. […]
- Beazley Breach Response Services Expanded to Tackle Risks of PCI Investigations Following Suspected Data Breaches
  SAN FRANCISCO, May 7, 2012 /PRNewswire/ -- Enhancements announced today to Beazley Breach Response (BBR), Beazley's market-leading data breach response and insurance solution, include practical support ... […]

Subscribe to Data Security Policies via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.
Categories
- Security Policies
- Security Standards
Information Security
- IT Security Guy
Security Policies
- Christiansen’s IT Law
Security News Feed
- Why Apple, RIM, Nokia and Motorola are arguing over what your next SIM card will look like
  Apple's SIM design would result in handsets costing more to manufacture. […]
- Friday folly: HTC changes U. S. Android phones to avoid injunction
  HTC has changed the Android software on its newest US phones to avoid an injunction brought by Apple. […]
- Cyber security: U.S. mulls blocking China Mobile license
  Concerned about cyber security and possible spying, U.S. officials are considering denying China Mobile's license for providing international information service in the United States.Officials... […]
- UK government keeps RIM in play with BlackBerry 7 security rating
  RIM is holding on to the niche government market by certifying BlackBerry 7 as fit for government use, while Apple and Google have yet to step up to the mark. […]
- The Pirate Bay returns, Anonymous hater takes credit for DDoS
  The Pirate Bay is back online. An Anonymous traitor who goes by the name AnonNyre has claimed responsibility for the Distributed Denial of Service (DDoS) attack that kept the site offline for days. […]
- These 'Alpha Geeks' are already living in the future (photos)
  The thinkers, designers, engineers, and hackers at the center of the maker movement are focused on the innovation business. At the MAKE Hardware Innovation Workshop this week, the open-source... […]
- Wikileaks has been under DDoS attack for the last three days
  The Pirate Bay is down. Wikileaks is down. Visa was down. Are all these Distributed Denial of Service (DDoS) attacks a coincidence? Right now it's not clear, but something is definitely happening. […]
- Anonymous denies it is behind The Pirate Bay DDoS attack
  The hacktivist group Anonymous has denied allegations that it is behind the Distributed Denial of Service (DDoS) attack against The Pirate Bay. Update: The Pirate Bay has confirmed the denial. […]
- Google to centralize Android development and sales
  According to a Wall Street Journal report, Google is going to radically shift how it works with its partners in developing and selling Android. […]
- The Pirate Bay hit with massive DDoS attack
  The Pirate Bay is down for me. Is it down for you? It may be, since the site has confirmed it is experiencing "a quite big" Distributed Denial of Service (DDoS) attack. It's unclear who is behind it. […]
Data Security Policy Tags
Acceptable Use Policy Authentication Policy Business Continuity Policy Business Continuity Security Policy cloud cloud computing computer computers Computers and Internet Computers and Technology Corporate Security Policy Data Classification Policy Data Recovery Data Security Policies Data Security Policy Disaster Recovery Policy hard drive data recovery hard drive recovery Incident Response Plan Incident Response Plan Template Incident Response Policy Information Security Policy Internet Internet Security IT laptop laptop computer laptops mozy online backup online backup PC RAID data recovery Record Retention Policy security Security Breach Security Policies Security Policy Security Standards software spyware technology Vulnerability Management Policy Windows Hardening Guide Windows Hardening Standard Wireless Security Standard

Example Incident Report

Recent Data Breaches

Subscribe to Data Security Policies via Email

Categories

Information Security

Security Policies

Security News Feed

Data Security Policy Tags