Information Technology Services (ITS) has developed the Cyber Security Incident Response Procedure (PDF, 278.2 KB) and are seeking your feedback on this important component of UQ’s response to cyber security threats.  

This procedure defines processes and requirements for the handling of cyber security incidents impacting UQ.

Here’s a summary of the procedure:

  • Cyber security incidents and suspicious events must be reported by staff, students and others
  • Incidents handling is composed of five phases: Identification, Containment, Eradication, Recovery and Lessons Learned
  • Cyber security incidents may require notifications to be performed to impacted persons and organisations, government agencies and regulatory bodies 
  • UQ must adequately prepare for cyber security incidents including producing plans and procedures and performing regular table-top exercises to test response capabilities 
  • More severe cyber security incidents must be escalated to UQ’s Incident Management and Crisis Management Teams

Email any feedback or queries to Marc Blum by Friday 8 September.