Facebook's Privacy Incident Response: a study of geolocation ...
SECURITY AND PRIVACY INCIDENT REPORT FORM...dgs information security office iso-02 state of...
2
ISPO-02 - v2018 Page 1 of 2 Contact the DGS Information Security and Privacy Office to immediately report security or privacy incidents. Complete this form as best as you can with all information available as instructed on page 2. 1. Person Reporting: 2. Phone Number: 3. Entity/Division 4. Office/Unit: 1. Incident Location: 2. Date Occurred: 3. Detected: 4. Reported: Yes No 5. Type of Incident: ______________________________________________________________________________________ Unknown 6. If incident involved portable media (laptop, tablet, mobile device, USB drive, etc.), was it encrypted? 7. Did the incident involve sensitive or personal information? 8. If the incident involved personal information, check all identifiers that apply: Name Social Security Number Driver's License/State ID Number Financial Account Number(s) Other FERPA Home Phone Medical or Health Information 9. Incident Details (please do not include any sensitive or confidential information on this form such as social security numbers, drivers license information, date of birth, etc.): If additional space is needed, please attached a separate document with additional incident details. 1. Corrective Actions taken or Performance Review Training/Re-Training Policy Review New Hardware planned by the Division/Office: Process Improvement New Software Other 2. Estimated Date Corrective Actions will be completed: _______________________________________________________ All Security Incident Report Forms submitted to the ISO should include a completed Cost Estimating Worksheet. Estimated Cost of Incident: ____________________________ Print Name - Person Reporting (required) Signature and Date Print Name - Manager Signature and Date DGS Information Security Office (916) 376-3940 or [email protected] Department of General Services Security and Privacy Incident Report Form Home Address Password Cellular/Satellite Number Birth Date Yes No A. GENERAL I DGS INFORMATION SECURITY OFFICE ISO-02 STATE OF CALIFORNIA – DEPARTMENT OF GENERAL SERVICES SECURITY AND PRIVACY INCIDENT REPORT FORM B. INCIDENT I C. CORRECTIVE ACTIONS D. ESTIMATED COST OF INCIDENT E. SIGNATURES
Transcript of SECURITY AND PRIVACY INCIDENT REPORT FORM...dgs information security office iso-02 state of...
ISPO-02 - v2018 Page 1 of 2
Contact the DGS Information Security and Privacy Office to immediately report security or privacy incidents. Complete this form as best as you can with all information available as instructed on page 2.
1. Person Reporting: 2. Phone Number:
3. Entity/Division 4. Office/Unit:
1. Incident Location: 2. DateOccurred:
3. Detected: 4. Reported:
Yes No
5. Type of Incident: ______________________________________________________________________________________
Unknown 6. If incident involved portable media (laptop, tablet, mobile device, USB drive, etc.), was it encrypted?
7. Did the incident involve sensitive or personal information?8. If the incident involved personal information, check all identifiers that apply:
Name Social Security Number Driver's License/State ID Number
Financial Account Number(s)
Other
FERPA Home Phone
Medical or Health Information
9. Incident Details (please do not include any sensitive or confidential information on this form such as social security numbers, drivers license information, date of birth, etc.):
If additional space is needed, please attached a separate document with additional incident details.
1. Corrective Actions taken or Performance Review Training/Re-Training Policy Review New Hardware
planned by the Division/Office: Process Improvement New Software Other
2. Estimated Date Corrective Actions will be completed: _______________________________________________________
All Security Incident Report Forms submitted to the ISO should include a completed Cost Estimating Worksheet.
Estimated Cost of Incident: ____________________________
Print Name - Person Reporting (required) Signature and Date
Print Name - Manager Signature and Date
DGS Information Security Office(916) 376-3940 or [email protected]
Department of General Services Security and Privacy Incident Report Form
Home Address
Password
Cellular/Satellite Number Birth Date
Yes No
A. GENERAL INFORMATION
DGS INFORMATION SECURITY OFFICE ISO-02
STATE OF CALIFORNIA – DEPARTMENT OF GENERAL SERVICES SECURITY AND PRIVACY INCIDENT REPORT FORM
B. INCIDENT INFORMATION
C. CORRECTIVE ACTIONS
D. ESTIMATED COST OF INCIDENT
E. SIGNATURES
Section A. General Information 1. Enter the name of the person reporting the incident.2. Enter the phone number of the person reporting the incident.3. Enter the Entity (Department or Organization) or Division of the person reporting the incident.4. Enter the Office or Unit name of the person reporting the incident.
Section B. Incident Information 1. Enter the location of the incident (ie.: Sacramento, LAX Airport, etc.).2. Enter the date the incident occurred. If not sure of date enter 'unknown'.3. Enter the date the incident was detected. This date may be different than the occurrence date.4. Enter the date the incident was reported to the supervisor of the person reporting the incident.5. Select the type of incident that occurred. If the type is not listed, choose 'other' and provide further explanation under the IncidentDetails.6. Check yes or no to indicate if the incident involved an encrypted device.7. Answer "Yes" or "No" for whether or not sensitive or personal information was involved in the incident.8. Check the appropriate boxes, if applicable. "Other" information includes any unique characteristic that identifies a Californiaresident.9. Provide a detailed description of the incident. Attach or include separate documents if additional space is needed.
Section C. Corrective Actions 1. Check the appropriate boxes to indicate the actions to be taken by the division or office.2. Enter the estimated date that the division or office expects to complete the corrective actions.
Enter the total amount from the Cost Estimating Worksheet. Email ([email protected]) or attach the worksheet when submitting to the ISO.
The person reporting and their immediate supervisor must print their names, then sign and date the form.
Security and Privacy Incident Reporting Instructions
Cal-CSIRS Report #: Date Received:__________ Date Reported to State ISO (Cal-CSIRS):Received by:
Date Reported to ENTAC:
Notifications Required:
ENTAC Report #
No Date Notifications Sent:_________Recommended Corrective Actions:_____________________________________
Additional Information:
Return Completed Form to: Department of General Services
Information Security Office 707 3rd Street, 3rd Floor
West Sacramento, CA 95605 Attn: Security/Privacy Incident Reporting
orScan PDF and email to: [email protected]
Page 2 of 2
Yes
DGS Information Security Office(916) 376-3940 or [email protected]
ISPO-02 - v2018 Department of General Services Security and Privacy Incident Report Form
Section D. Estimated Cost of Incident
Section E. Signatures
