The UTIA Security Committee has developed an Information Security Incident Response Plan for the Institute. The Committee membership includes a representative from each unit and department. The committee’s charge is to develop and implement a sound National Institute of Standards and Technology (NIST) program based on an IT security plan for the Institute. One of the first objectives of the committee was to create an incident response plan that effectively defines the Institute’s incident response processes and procedures to ensure that our employees understand them. An incident response plan brings together and organizes the resources for dealing with any event that harms or threatens the security of our information assets. Such an event may be a malicious code attack, an unauthorized access to information or systems, an unauthorized use of services, a denial of service attack, or a hoax.

The goal of the plan is to facilitate a quick and efficient response to incidents and to limit their impact while protecting the Institute’s information assets. The plan defines roles and responsibilities, documents the steps necessary for effectively and efficiently managing an information security incident, and defines the channels of communication. The Information Security Incident Response Plan can be accessed from the ITS team site homepage under the heading UTIA Information Technology Plans and Procedures. If you have any questions regarding the plan, you may contact Adam Godwin at 865-974-7292 or email agodwin@utk.edu.