Incident Management and Response Policy

Questions and Answers

Who is responsible for ensuring that reported security incidents are added to the appropriate incident management system?

Incident responders

Information security officer (ISO) (correct)

CEO

On-Call-Engineer (OCE)

What is the first step recommended for reporting a security incident?

Inform the On-Call-Engineer (OCE)

Report the incident to your manager (correct)

Do nothing and wait for the incident to pass

Approach the CEO directly

Which role is responsible for addressing the incident at any given point in time?

On-Call-Engineer (OCE) (correct)

Incident responders

Information security officer (ISO)

CEO

What does a quick resolution of a security incident require?

Focus and clearly defined responsibilities

Which individual should you approach to report a security incident if your manager is unavailable?

CEO

What requires human intervention to avert disruptions or restore the operational status?

$\text{Irregular and anomalous conditions}$

What defines Low severity incidents?

Incidents that do not require immediate remediation

Which scenario is considered a Medium severity incident?

Suspicious emails or unusual activity on a staff laptop

What should be done in the case of Internal Malicious Activity involving a 360tf staff member?

Contact the Information Security Officer (ISO) or CEO directly

When should immediate actions be taken according to the text?

For Critical severity incidents where security attack was successful

Who will determine if legal counsel should be involved in critical incidents?

The Information Security Officer (ISO)

What responsibility lies with the person or team handling critical incidents?

Remediate the vulnerability and limit damage