Policy overview
Aim
This policy aims to ensure that we appropriately manage security incidents relating to our information and Information Communications Technology (ICT)
What is a security incident?
A security incident is defined as any fact or event that results in the compromise, misuse, or loss of our:
- information
- ICT services
- assets
A security incident can impact the confidentiality, integrity, and, or availability of information.
Examples of security incidents include:
- the loss or theft of information
- unauthorised disclosure of, or access to, information
- loss or theft of ICT, media, or devices
- physical security breaches
- deliberate or accidental breach of security policy
- insecure disposal of information or ICT assets
- malicious software infection
- denial-of-service attack
- website defacement
- social engineering, for example a bogus contractor attempting to use a system