1. Purpose 

The purpose of this policy is to establish a framework for handling information security incidents at Quincy College. This policy aims to ensure a coordinated, efficient, and effective response to incidents, minimizing their impact and aiding in swift recovery. 

2. Scope 

This policy applies to all Quincy College employees, contractors, vendors, and any other parties who have access to Quincy College information systems and data. 

3. Definitions 

  • Incident: Any event that compromises the confidentiality, integrity, or availability of Quincy College’s information systems and data. 
  • Incident Response Team (IRT): A group of individuals responsible for managing the incident response process. 
  • Stakeholders: Individuals or groups with a vested interest in the incident response process, including IT staff, management, legal counsel, and communication teams. 

4. Incident Handling Phases 

  1. Preparation
  • Establish and train the Incident Response Team (IRT). 
  • Develop and maintain an incident response plan. 
  • Conduct regular security awareness training for all employees. 
  1. Identification 
  • Monitor systems for potential security incidents. 
  • Report suspected incidents to the IRT immediately. 
  • Document and classify the incident based on its severity and impact. 
  1. Containment 
  • Implement short-term containment measures to prevent further damage. 
  • Develop long-term containment strategies to maintain business operations while mitigating the incident. 
  1. Eradication 
  • Identify the root cause of the incident. 
  • Remove the cause and any related threats from the environment. 
  1. Recovery 
  • Restore affected systems and data to normal operation. 
  • Verify the integrity and security of restored systems. 
  • Monitor systems for any signs of lingering threats. 
  1. Lessons Learned 
  • Conduct a post-incident review with the IRT and relevant stakeholders. 
  • Document the incident response process and identify areas for improvement. 
  • Update the incident response plan and provide additional training as needed. 

5. Incident Response Team (IRT) Structure and Roles 

  1. Vice President of Technology 
  • Role: Incident Response Manager 
  • Responsibilities: Lead the IRT, coordinate response efforts, communicate with senior management, and make critical decisions. Ensure the overall direction and priorities of the incident response process.
  • Tom Pham tpham@quincycollege.edu 617-877-9650 
  1. IT Manager 
  • Role: IT Operations Lead 
  • Responsibilities: Oversee the technical response, coordinate IT staff, and ensure effective implementation of containment and eradication measures. Manage the restoration of affected systems. 
  • Allen Mo amo@quincycollege.edu 857-526-2982 
  1. IT Analyst (Security) 
  • Role: IT Security Lead 
  • Responsibilities: Provide technical expertise in security, analyze the incident, identify threats, and implement security measures. Lead the investigation and mitigation of security incidents. 
  1. IT Specialist 
  • Role: Technical Support 
  • Responsibilities: Assist with technical aspects of the incident response, support system and network analysis, and help with the implementation of containment and recovery procedures. 
  1. General Counsel 
  • Role: Legal Counsel 
  • Responsibilities: Provide legal guidance, ensure compliance with laws and regulations, handle data breach notifications, and manage legal communications. 
  1. Vice President of Finance 
  • Role: Financial Oversight 
  • Responsibilities: Assess and manage the financial impact of the incident, oversee budgeting for incident response activities, and coordinate financial reporting and insurance claims. 
  1. Head of Facility and Campus Safety 
  • Role: Physical Security Lead 
  • Responsibilities: Manage physical security aspects of the incident, coordinate with law enforcement if necessary, and ensure the safety of campus facilities and personnel. 
  1. Director of Public Relations 
  • Role: Communications Lead 
  • Responsibilities: Develop and manage internal and external communication strategies, draft incident notifications, and liaise with media and public relations. 
  1. Director of Marketing 
  • Role: Stakeholder Communication 
  • Responsibilities: Coordinate communication with stakeholders, manage the dissemination of information to the college community, and ensure consistent messaging. 

6. Communication 

  • Develop an internal communication plan for notifying stakeholders about incidents. 
  • Ensure timely and accurate communication to affected parties. 
  • Coordinate with public relations for external communication if necessary. 

7. Compliance 

  • Ensure compliance with relevant laws, regulations, and industry standards. 
  • Conduct regular audits and reviews of the incident response process. 

8. Policy Review and Maintenance 

  • Review and update this policy annually or after a significant incident. 
  • Ensure the policy remains relevant and effective in addressing security incidents. 

9. Approval and Implementation 

  • This policy is approved by the Chief Information Officer (CIO) and senior management. 
  • The IT department is responsible for implementing and enforcing this policy. 

Original: July 2024