OIT Enterprise Procedures: OEP SEC Series – Security |
|||||||||||||||||||
 |
|
||||||||||||||||||
| For security reasons, State of Ohio information security procedures are not | |||||||||||||||||||
| posted on the Internet. State of Ohio agencies may obtain a copy of a | |||||||||||||||||||
| security procedure by contacting DAS/OIT Risk Management Services. Questions | |||||||||||||||||||
| regarding Ohio’s security procedures may also be directed to: | |||||||||||||||||||
| Department of Administrative Services | |||||||||||||||||||
| Ohio Office of Information Technology | |||||||||||||||||||
| Risk Management Services | |||||||||||||||||||
| 1320 Arthur E. Adams Drive | |||||||||||||||||||
| Columbus, Ohio 43221 | |||||||||||||||||||
| Telephone: | 614-995-7632 | ||||||||||||||||||
| E-Mail: | RiskManagementServices@OIT.Ohio.Gov | ||||||||||||||||||
| Summary of Published Security Procedures | |||||||||||||||||||
|
|||||||||||||||||||
| OEP SEC.4001 Statewide Incident Response Reporting | |||||||||||||||||||
| Effective: 08/10/2006 | |||||||||||||||||||
| Overview | |||||||||||||||||||
This procedure defines the steps to be followed by State of Ohio agencies reporting information, computer system, or network security incidents as outlined in Ohio IT Policy ITP-B.7, Security Incident Response. This procedure pertains to the type of incidents described under Definitions in the document. It does not apply to general system outages. |
|||||||||||||||||||
| Scope | |||||||||||||||||||
| State agencies required to report IT security incidents under Ohio IT Policy ITP-B.7, Security Incident Response, shall use this procedure. | |||||||||||||||||||
|
|||||||||||||||||||