- I Am...
- About HCCC
- Programs and Courses
- Paying for College
- Student Success
- Diversity, Equity and Inclusion
This plan guides how to respond to information security incidents at Hudson County Community College (HCCC). The plan identifies the roles and responsibilities of the HCCC incident response team and the steps to be taken in the event of an incident. The Information Security Incident Response Plan (ISIRP) aims to minimize the impact of an incident, preserve evidence for investigation purposes, and restore normal operations as quickly as possible.
Incident: An event that results in a loss of confidentiality, integrity, or availability of information or information systems.
Response: The actions that are taken to mitigate the impact of an incident and restore the affected systems and data to their normal state.
Incident Response Team (IRT): The Incident Response Team (IRT) is responsible for implementing the ISIRP. The IRT consists of representatives from relevant departments, including but not limited to Information Technology Services (ITS), Finance (Risk Management), Legal Counsel, HR, and Communications. The IRT is responsible for coordinating the response to an incident and ensuring that all necessary resources are available.
The IRT is responsible for the following:
All suspected or confirmed information security incidents must be reported to ITS immediately. ITS will then assess the incident and determine if it is a security incident. ITS will escalate the incident to the IRT if it is a security incident.
The IRT will categorize the incident based on its severity and impact. The categories are as follows:
Category 1: Minor Incident - No significant impact on the college or its operations.
Category 2: Moderate Incident - Limited impact on the college or its operations.
Category 3: Major Incident - Significant impact on the college or its operations.
Category 4: Critical Incident - Severe impact on the college or its operations.
The IRT will follow the below steps to respond to an incident:
Category 1: No formal response is required.
Category 2: The IRT will investigate the incident and take appropriate action to contain and mitigate the incident.
Category 3: The IRT will coordinate with relevant departments and external resources, such as law enforcement and cybersecurity experts, to investigate the incident and take appropriate action to contain and mitigate the incident.
Category 4: The IRT will implement the HCCC Emergency Management Plan, which outlines the steps to follow during a significant crisis.
The IRT will follow these steps in the event of an incident:
The IRT will use the following tools and resources to respond to incidents:
The IRT will test and train regularly on the procedures and tools in place.
The IRT will communicate with the following stakeholders in the event of an incident:
The IRT will document all aspects of the incident, including but not limited to the incident type, severity, impact, response, and resolution. Documentation will be stored securely and accessible only to authorized personnel.
The IRT will collect and analyze the following metrics related to incidents:
The Associate Vice President for Technology and CIO will report on these metrics to the HCCC Board of Trustees.
The AVP CIO will review the ISIRP annually and update it to reflect the changing security landscape and the HCCC's evolving needs.
Approved by Cabinet: May 2023
Related Board Policy: Information Technology Services