Problem
XYZ University Computer Incident Response Plan
The purpose of this Computer Incident Response Plan (CIRP) is to provide the university with a plan that addresses computer security incidents. A computer security incident is one that threatens the confidentiality, integrity, or availability of the university information assets with high impact. The CIRP defines the roles and responsibilities for the Chief Information Officer, Computer Incident Response Team, Information Security Officer and the supporting groups. It classifies incidents into four severity levels, namely, low level incident, medium level incident, high level incident, and critical level incident.
For each severity level of incident, CIRP describes the roles involved and their responsibilities for handling the incident. The CIRP also describes the post incident activity and provides an incident review report template.