Security Incident Procedures

Policy No.                   8-27-2019 Revised Date: 


The following describes WSU Employee Wellness’s policy regarding security incident procedures.


Security incident: means the attempted or successful unauthorized access, use, disclosure, modification, or destruction of information or interference with system operations in an information system.

Workforce: means employees, volunteers, trainees and other persons whose conduct, in the performance of work for Weber State University, is under the direct control of WSU Employee Wellness, whether or not they are paid by Weber State University.


WSU Employee Wellness will respond to security incidents and modify its security program to reduce the likelihood of future incidents.  WSU Employee Wellness will identify and respond to suspected or known security incidents, mitigate, to the extent practicable, harmful effects of security incidents that are known to WSU Employee Wellness and document security incidents and their outcomes.


WSU Employee Wellness will include training for workforce members, as appropriate, for promptly identifying, reporting, tracking, and responding to security incidents.  The Security Officer shall document security incidents reported by workforce members in one or more activity logs.  Each activity log shall, to the extent possible, set forth a summary of the incident, actions taken, contact information for involved parties, a list of evidence gathered, comments from incident handlers, and subsequent steps to be taken.  The Security Officer shall ensure that the activity logs are kept in a secure location.


WSU Employee Wellness will organize a Security Incident Response Plan (“SIRP”) for identifying, evaluating and responding to security incidents.  The Security Officer will oversee the activities listed in the SIRP.  The SIRP provides for an investigation, as needed, when evidence shows that a security incident has occurred.  The Security Officer, along with assistance from Weber State University’s information technology provider, will identify, to the extent possible, the specific nature of the problem and the potential threat of exposure to damage or loss of information by WSU Employee Wellness.  The Security Officer, with the assistance of Weber State University’s information technology provider, will take the steps necessary to contain the threat and to restore WSU Employee Wellness’s information system to normal operations.  All actions will be documented.  


After the incident has been contained and WSU Employee Wellness’s information system has returned to normal operations, the Security Officer shall conduct a final review of the activity logs and analyze whether the measures taken were appropriate for the particular security incident.  The Security Officer shall prepare a report documenting conclusions.  Any recommended changes will be implemented as soon as practicable.