ISPOL-90-01-Parveen
0 (0 Likes / 0 Dislikes)
Introduction to Information Security Policy 90, Incident Management & Response
ISPOL 90 outlines the high-level responsibilities,
practices, and reporting requirements for
information security incidents.
These requirements control and minimize the impact
of an information security incident by
establishing a process to report and address the incident.
Incident response procedures include reasonable
and appropriate methods to control and remediate
information security incidents affecting critical information
technology resources that are controlled by Intel.
Intel established requirements are set forth for end users
and systems on incident response training,
testing, handling, monitoring, reporting,
and response assistance.
Policy 90 defines an information security incident
as a violation of information security policies,
acceptable use policies, or security practices.
It could even be an imminent threat of violating one of these.
Such violations can lead to adverse events,
including: compromised integrity or data,
denial of service, loss of accountability,
or damage to any part of a system.
Examples of systems range from laptops
and mobile devices to factory automation,
robots, and IoT devices. Even networking
equipment, backup devices and
cloud services count as systems.
Each system has a lifecycle.
Throughout it, appropriate incident
response capabilities, procedures,
and mechanisms must be defined,
updated, and maintained.
Workers are required to immediately report
any suspected incidents, violations,
or suspicious behavior to IT Information Security.
Examples of reported events are disclosure
of classified information or loss of computing systems.
Policy 90 also outlines the Information Security
Incident Investigation Policy,
explaining that only IT Information Security
authorized individuals are allowed
to investigate incidents.
Additional IT Information Security responsibilities
in response to a security incident include:
Escalation to other parties, reporting
to outside authorities, and
overseeing corrective activity.
Further, IT Information Security response teams
will conduct a review following major security
incidents. The review will focus on
identifying root cause, process improvements,
and developing enhanced or additional controls to
limit the frequency, damage, and
cost of future occurrences.
The IT Emergency Response Process, or ITERP,
is the process Intel uses to respond to an information
technology emergency incident or crisis.
The IT Information Security incident
management process coincides with
the ITERP and Crisis Management processes
to help determine whether an information
security incident or violation is isolated
or if it also qualifies as a crisis or ITERP event.
Information Security Policy 90,
Incident Management & Response,
assures that during information security incidents
and times of crisis, the negative impact
of them is minimized through
appropriate controls and processes.
This and other updated Information Security Policies,
supporting documents, and our improved
policy portal should make it easier for you
to locate and understand our corporate
information security requirements.
They can be found on our corporate policy repository,
Policy Central. Visit goto/InfoSecPolicies
to learn more or ask questions.
Thank you for your help to keep Intel secure!