Department of Corrections and Rehabilitation - Operations Manual

Cancel

Chapter 4 – Information Technology

Article 45 – Information Security

Revised May 20, 2013

View All Sections >

49020.12 Incident Management

  • To ensure information security events and weaknesses associated with information systems are communicated in a manner allowing timely corrective actions to be taken, formal event reporting and escalation procedures shall be in place. All employees, contractors and third-party users shall be made aware of the procedures for reporting the different types of events and weaknesses that might have an impact on the security of the CDCRCalifornia Department of Corrections and Rehabilitation’s information assets.

  • Incident Reporting

  • It is the responsibility of all departmental employees to report all incidents that would place the Department’s information assets at risk. The following incidents shall be reported through the local ISCInformation Security Coordinators to the Information Security Office within three days of becoming aware that a security an incident has occurred:

    • Unauthorized access to, or modification of, State-owned or State-managed data, including non-electronic data such as reports, documentation, and hard copy files.

    • Unauthorized use of, or access to, State computer resources, including computer networks and services as well as systems not necessarily connected to a network.

    • Unauthorized access to, or modification of, computer software, including operating systems, networks, configurations, and applications. This includes the introduction of malicious software such as viruses, worms, and other malicious software.

    • Deliberate or unauthorized acts resulting in disruption of State computer services, including “Denial of Service” attacks.

    • Unauthorized use of user account or Internet domain names.

    • Destruction of, or damage to, State facilities and/or information assets.

    • Break-in or other unauthorized access to State facilities resulting in compromise to the data or computer systems housed within those facilities.

    • Security weaknesses that pose a threat to CDCRCalifornia Department of Corrections and Rehabilitation information resources.

  • The Information Security Office shall investigate all incidents.