Incident Detection & Response

The workspace lead is responsible for reporting any security incident, such as unauthorized access, a breach of the workspace, or information spillage. The Workspace lead is also responsible for coordinating incident reporting with their internal Departmental Incident Response Authorities in accordance with established procedures. The workspace lead should consult with their Departmental IT Security Authorities to ensure incidents are tracked and reacted to in accordance with Departmental Incident Response Processes.

The workspace lead works with their departmental IT security team to contain and investigate the incident and apply all necessary corrective action. Once the incident is contained, the workspace lead works with SSC and the departmental security team to conduct a post-incident review.

For more information, please consult the Portal and Workspace Incident Response guidance.