Security Incident Policy and Procedure

A Security Incident is any occurrence that involves unauthorised access or damage to or originating from any computer system that is owned or managed by the University of Sheffield. The incident may involve access or damage that is: actual, suspected, threatened, or potential (e.g. someone reports a situation that could lead to a security breach – including un-patched systems, failure to follow procedure, unusual authentication systems).

Anyone discovering a Security Incident should immediately report the incident directly (i.e. in person or by phone – do not leave voice mail or send email) to one of the following nominated persons (starting at the top of the list):

• The Director of CICS (Christine Sexton)
• The Head of Customer Services (John McAuley)
• The Head of Technical Services (Dave Speake)
• The Head of Business Services (Kath Winter)

If the incident occurs outside of normal working hours then please contact University Security on 0114 222 4085.

CICS have an agreed procedure for handling security incidents; all CiCS staff should be familiar with this procedure.

Upon being contacted CiCS staff will follow the CiCS Security Incident Procedure (see the link to the right) to ensure that the incident is properly managed and recorded.

Other incidents relating to the misuse of computing facilities (as defined by the IT Code of Practice) should be reported to the Director of CiCS (email c.sexton@sheffield.ac.uk).