IR-1 Incident Response Policy and Procedures

Last Review: 10/1/22


The West Texas A&M Information Security Controls Catalog establishes the minimum standards and controls for University information security in accordance with the state's Information Security Standards for Institutions of Higher Education found in Title 1, Chapter 202, Texas Administrative Code (TAC 202).


To develop, document, and disseminate an incident response policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance.  WTAMU will establish procedures to facilitate the implementation of the incident response policy and associated incident response controls; and review and update the current incident response policy and procedures.


The scope of these regulations and procedures are applicable to all information resources owned or operated by WTAMU. All users are responsible for adhering to this policy. If needed or appropriate, information regarding roles, responsibilities, management commitment, and coordination among organizational entities are embedded within these procedures.

Regulations and Procedures

The State of Texas Department of Information Resources (DIR) has chosen to adopt a select number of Incident Response Controls as established within the NIST SP 800-53 control family guidelines identified by the DIR Security Control Standards Catalog. WTAMU shall have a documented procedure to assess the significance of a security incident based on the business impact on the affected resources and the current and potential technical effect of the incident, e.g., loss of revenue, productivity, access to services, reputation, unauthorized disclosure of confidential information, or propagation to other networks. 

The ISO shall be responsible for the development, documentation, and dissemination of the incident response policy and procedures.

WTAMU's Incident Response policies and procedures shall be reviewed at least annually and updated appropriately.