Tribal Law Gateway  | Lac Courte Oreilles Band of Lake Superior Chippewa Indians of Wisconsin  | Collection | Lac Courte Oreilles Tribal Code of Law. | Title ITP Information Technology Policy | Chapter ITP.1 Information and Technology Use and Security Policy | Subchapter ITP.1.3 Information Security | ITP.1.3.080 Incident response program

Lac Courte Oreilles Band of Lake Superior Chippewa Indians of Wisconsin - Tribal Law

Disclaimer: Although every effort is made to present current and accurate information, if you need an official version of the tribe’s laws, please contact the tribe.

To contact the Lac Courte Oreilles Band of Lake Superior Chippewa Indians of Wisconsin, visit the tribal court's website.

Lac Courte Oreilles Tribal Code of Law.

ITP.1.3.080 Incident response program

(a) Incident Response Team. The Tribe shall establish an Incident Response Team that is available for anyone who discovers or suspects that an incident has occurred. One or more team members are responsible for handling the incident, analyzing the incident data, determining the impact of the incident, and acting appropriately to limit the damage and restore normal services.

(1) The primary Incident Response Team shall consist of:

(A) IT Director

(B) IT Department personnel

(2) More severe or extensive incidents can include:

(A) Office of Attorney General

(B) Tribal Law Enforcement

(C) Compliance/Audit Officer

(3) All Tribal employees shall be aware of the possibility of system or security incidents.

(4) Physical building incidents shall be directed to the Tribe's security officer.

(5) Computer security related incidents shall be directed to the IT or Operations Departments.

(6) Individuals shall work with the response team and executive management to execute an incident response.

(b) Phases of Incident Response

(1) Preparation. This initial phase involves establishing and training a response team and acquiring the necessary tools and resources. During preparation, the Tribe shall attempt to limit the number of incidents that will occur by selecting and implementing a set of controls based on the results of risk assessments. Other preparation items include:

(A) Risk Assessment

(i) Host Security

(ii) Network Security

(iii) Malware Prevention

(B) User Awareness and Training

(C) System Hardening Guidelines

(D) System Access Guidelines

(E) Facilities Security Guidelines

(F) Insurance Policies

(2) Detection and analysis. The process of monitoring and awareness. Training creates an awareness of what constitutes an incident and who to contact when it occurs. Log monitoring, with knowledge of baseline system activities, will create trigger points. Once detected, the Tribe may mitigate the impact of the incident by containing it and ultimately recovering from it.

(3) Containment, eradication, and recovery. The response to the Incident.

(4) Post incident activity. Once the incident is over, an overall assessment report of the incident shall be developed detailing the cause of the incident, steps to prevent future incidents, and steps to mitigate consequences of future incidents.

(5) Unauthorized access to tribal information procedures

(6) Audit. The Tribe shall utilize both internal and external audit procedures to provide independent assessments that evaluate the Tribe's:

(A) Quality of internal controls associated with the acquisition, development, implementation, and operational use of information technology.

(B) Exposure to risks throughout the Tribe and its service provider(s) in the areas of user and data center operations, client/server architecture, local and wide area networks, telecommunications, information security, electronic data interchange, systems development, and contingency planning, including risk management and mitigation techniques implemented by the Tribe; and

(C) Compliance with this and other related policies, procedures and processes concerning information technology related risks.

Original url: https://law.lco-nsn.gov/us/nsn/lco/council/code/ITP.1.3.080

Powered by the non-profit Open Law Library.