Security Incident (SI) Register

Columns:
· Incident #
· Incident Type
· Source Reference
· Severity (1/2/3/4)
· Priority (1/2)
· Date & time Raised
· Date & time reported to SCA
· Date & time Closed
· time/Days elapsed for open SIs
· Duration
· Raised By
· Status (Closed/Open)
· Description
· Resolution Owner
· Corrective & Preventative Action taken - incident handling
· Resolution
· Cause
· Defect Source

Priority Levels for Incidents and Problems

Incidents

a) Impact

The following table applies to all Security Incidents.

IMPACT: Security Incident

HIGH
· Denial of Service (Denial of Service or distributed denial of Service attacks.)
· Hacking (Reconnaissance or suspicious activity, excluding malware.)
· Compromised Asset (A compromised host, network device, application, or user account. This is inclusive of malware infections where an attacker actively controls the system (root access, Trojan, rootkit).)
· Compromised Information (Attempted or successful destruction, corruption, or disclosure of Group information or intellectual property.)
· Unlawful activity (Theft/fraud/human safety/child exploitation. Incidents that are of a criminal nature or are likely to involve law enforcement or international investigations.)

MEDIUM
· Malware (Malicious software, such as a virus or worm, affecting multiple devices. This excludes compromised hosts where an attacker actively controls the system (compromised asset).)
· Acceptable Use Violations (Possession or sharing of offensive/copyright material. Intentional violation of Information Security policy. Inappropriate use of Group assets such as computers, networks, or applications.)

* All of the types of information referred to in the above rows have the meaning given to them in the SCA's Information Security Classification Guidelines.

b) Urgency

(i) Security Incidents

The following table applies to all Security Incidents.

URGENCY: Security Incident

HIGH
· Medium Protected Data or High risk systems being targeted.
  Large number of targeted or vulnerable systems.

MEDIUM
· Highly Protected Data or High risk systems being targeted.
  Large number of targeted or vulnerable systems.
  Externally accessible systems.

* All of the types of information referred to in the above rows have the meaning given to them in the SCA's Information Security Classification Guidelines.

c) Priority Level

Priority Levels for Incidents are determined on the basis of both the impact and urgency, as follows:

PRIORITY LEVELS

              Urgency
Impact        High    Medium    Low
High          1       2         3
Medium        2       3         4
Low           3       4         4