Major Security Incident Policy
Approved by the CIO, June 21/17.
Excerpt: "This Policy defines a standard University-wide process for managing major information technology security incidents, references related University Policies, outlines preparations in advance of incidents occurring, and specifies a coordinated and managed response and escalation process. A Policy Appendix charters an Information Security Incident Coordination Team (ISICT)."
The full Major Security Incident Policy is here.
The Information Security Incident Coordination Process document can be found here.