Incident Reporting | IR-6

Description

• Any user of MCC-owned information resources may report illegal, disruptive, or suspicious activity to Information Systems & Services personnel. Reportable incidents include:
  • any events where the confidentiality, integrity, or availability of a MCC-owned or managed information resource is potentially compromised;
  • privacy incidents that do not impact the availability of information systems; and
  • any incident(s) involving industrial control systems or operational technology.
• Upon detection or notification, ISS personnel will report suspected information security incidents to their ISS leadership and to the McLennan Community College Cybersecurity Department.
• Initial notification to the Cybersecurity Department for security incidents must occur within four hours of discovery or notification to ISS.
• The ISS Department will ensure reporting to MCC Officials that are required to be notified of an incident.
• The Cybersecurity Department will ensure all required reporting to the Texas Department of Information Resources (DIR) is accomplished in accordance with their prescribed schedule.
• Summary reports of security-related events must be submitted to DIR as required by TAC 202.73.

Last updated: 3/11/2024