The GSW Computer Security Incident Response Team (CSIRT) is charged with investigation and coordination of incidents where sensitive institutional or personal data is suspected to have been compromised. Serious computer incidents involving the confidentiality, integrity and availability of information technology assets must be reported to the GSW Computer Security Incident Response Team (CSIRT).
In the event that sensitive and confidential information was compromised, the leader of the CSIRT for that incident in conjunction with the other team members will file a report with the Campus Information Security Officer of the incident detailing the date, time, actions taken and any other pertinent observations. The CSIRT will follow the guidelines of the University System of Georgia Incident Response Plan (Appendix D of the GSW Security Plan and the USG IT Handbook).
The GSW CSIRT will meet at least every April and every October starting in April of 2014. The team is composed of:
- Chief Information Officer, co-chair (Apr’18)
- Information Security Officer, co-chair (Apr’18)
- Public Safety Representative
- Network Administrator
- Director of Communications
- IIT Computer Lab Manager
- Systems Administrator
- Manager of Enterprise Services
- Manager of Technology Services
- Director of Human Resources
- Registrar
- Comptroller
Additional subject matter experts may be enlisted by the chair as part of an investigation. CSIRT procedures are described in Section 7.2 of the GSW Campus Acceptable Use Policy and in the GSW IT Incident Response Plan.
