Incident Response Process. The information security incident management program must be documented, tested, updated as needed, reviewed, and approved, with management oversight, on a periodic basis. The incident management policy and procedures must include prioritization, roles and responsibilities, procedures for escalation (internal) and notification, tracking and reporting, containment and remediation, and preservation of data to maintain forensic integrity.
Appears in 9 contracts
Sources: Call Off Contract, Data Processing Addendum, Wisconsin Student Data Privacy Agreement
Incident Response Process. The information security incident management program must be documented, tested, updated as needed, reviewed, and approved, with management oversight, on a periodic basis. The incident management policy and procedures must include prioritization, roles and responsibilities, ,procedures for escalation (internal) and notification, tracking and reporting, containment and remediation, and preservation of data to maintain forensic integrity.
Appears in 3 contracts
Sources: Master Subscription Agreement, Data Processing Agreement, Data Processing Agreement