INCIDENT REPORTING

POLICY STATEMENT
ISP130-00, (MINIMUM SECURITY REQUIREMENTS) requires screening and reporting suspected, observed, or actual incidents and/or breaches to documented security policies and standards.  The following process has been established to support compliance of this requirement.

INSTRUCTIONS
Provide incident description or comment in the narratives.  Include all persons and approximate dates and time if this is a security breach. If this is a virus infection, report the incident to your virus control group or designate representative, immediately.  All serious incidents should be reported to your supervisor, manager, site manager, or security officer.  

To prevent duplication of procedures and guidelines, please review existing procedures for screening and reporting security incidents and/or breaches with your respective business unit manager, site manager, or other designated official.

IN THE ABSENCE OF ANY OTHER REPORTING PROCESS OR PROCEDURE, PLEASE
USE THE INCIDENT REPORTING FORM TO REPORT SECURITY RELATED INCIDENTS.

Thank you for your participation.