|
Initiation responsibility: Head of IT Section, IT Security management
Implementation responsibility: IT Security Management
The response to violations of security policies should be laid down so as to ensure a clear and prompt response.
Investigations should be carried out to establish how and where such violation has originated. Subsequently, the appropriate measures must be taken to remedy or minimise the damage caused. If required, additional loss-prevention measures must be taken. The action to be taken will depend both on the nature of the violation and on the offender.
Provisions must be laid down on who is responsible for contacts with other organisations for the purpose of obtaining information on known security flaws (cf. also S 2.35 - Obtaining information on security weaknesses of the system) or of passing on information about recently detected security breaches. Care must be taken to inform any other possibly affected units/agencies by the fastest means possible.
Additional controls:
© Copyright
by Bundesamt für Sicherheit in der Informationstechnik |
July 1999 |