INFORMATION SECURITY INCIDENT REPORTING REQUIREMENTS

5350.1 INFORMATION SECURITY INCIDENT REPORTING REQUIREMENTS
(New 03/08)

Upon discovery of any incident that meets the defined criteria below, all agencies must immediately report the incident following the Agency Information Security Incident Notification and Reporting Instructions found in SIMM Section 65B and in this policy. The Security Incident Report, part of the State Information Management Manual, is available via the Office's website at www.infosecurity.ca.gov/. The report must be submitted to the Office within ten working days of the Agency's becoming aware of an incident involving the theft of such information, including information stolen in conjunction with the theft of a computer or data storage device.

AUTHORITY STANDARDS GUIDANCE FORMS TOOLS

Back to Information Security (Office of Information Security and Privacy Protection) (Section 5300)

Next Section

Quick Links

SAM - Chapter 5300