[Hidden-tech] 201 CMR 17.00

David Korpiewski davidk at cs.umass.edu
Tue Dec 15 00:10:06 EST 2009


So about this security law, what are the proper procedures for reporting 
a breach and who do we report it to?  Last I knew, I think we had to 
report a breach of security to the Attorney General's Office.

I've spent weeks writing a WISP for a company, but that section stumps me.

These are my index headers for the section I'm writing:

11.	BREACHES
a.	Physical breach vs Data breach
b.	Lock down measures to prevent further loss
c.	Procedure to document actions taken in connection with a security breach
d.	Determining what was stolen
e.	Reporting to the proper agencies
f	Post incident review to improve security


Thanks in advance for any help!
David




-- 
===========================================
David Korpiewski
Software Specialist I
CSCF - Computer Science Computing Facility
Department of Computer Science
Phone: 413-545-4319
Fax:   413-577-2285
===========================================


Google

More information about the Hidden-discuss mailing list