SecAware materials

3-page generic policy on reporting [information security] incidents.


Serious information security incidents (including events, incidents, disasters, vulnerabilities, threats and near-misses), particularly those directly affecting the organization’s information, must normally be reported to Help Desk who will initiate and coordinate the response.  Where fraud or serious malpractice is suspected or alleged, this may be reported in confidence to Internal Audit.


Delivered as an editable MS Word document, easily customized for your organization's specific needs.

Incident reporting policy


© 2020 IsecT Limited     Get in touch