Information security incidents shall be reported to relevant supervisor, Head of Department/Office and the Information Security Manager (ISM) of ITO who is also the Secretary of the Information Security Sub-committee immediately after they are identified or are suspected to have existed. Significant and critical incidents should also be reported to the President and Vice-Chancellor and/or Vice-Presidents via the ISM as appropriate, depending on the impact type and severity level.
Examples of security incidents are as follows:
- Unauthorised modification or deletion of data;
- Unauthorised modification of the system software, hardware or connections;
- Modification of system hardware, software or connections in breach of the Information Security Policy;
- Hacking or attempted hacking by insidersor outsiders;
- Suspected or actual illegal activity;
- Unauthorised use of systems for personal gain or purposes; and
- Unauthorised copying of information or software.
ITO Information Security Newsletter
JUCC Information Security Newsletter (Volume 2)
JUCC Information Security Newsletter (Volume 1)
Management and General Users
Technical and Professional Users