SecAware materials

SecAware logo 150 animated ezgif.gif

3-page generic policy on reporting [information security-related] incidents.


Serious information security incidents (including events, incidents, disasters, vulnerabilities, threats and near-misses), particularly those directly affecting the organization’s information, must normally be reported to Help Desk who will initiate and coordinate the response.  Where fraud or serious malpractice is suspected or alleged, this may be reported in confidence to Internal Audit.


Delivered as an editable MS Word document, easily customized for your organization's specific needs.

Incident reporting policy

  • Template policy on incident reporting


    See also the policies on:

  • The license covers internal use within a single organisation.  Please get in touch if you'd like to incorporate the SecAware content in your systems or services provided to third parties.