Skip to Content

All University of South Carolina system institutions will be closed through the end of the spring semester. Columbia campus virtual instruction will continue through the conclusion of final exams in May. Details can be found on the coronavirus landing page.

Division of Information Technology

Computer hacker

Incident Response

Incident response is the process of dealing with a security incident with the goal of limiting the amount of damage an attacker can do.

When does incident response occur?

In accordance with University IT Policy 3.00, the University Information Security Office is responsible for coordinating and investigating information security incidents.  A security incident has occurred anytime there has been unwanted activity that may affect the confidentiality, integrity, or availability of an IT system, including unauthorized access to systems.

During the incident response process, the university follows the industry standard processes of preparation, identification, containment, eradication, recovery, and lessons learned.

The Incident Response Procedure

The documents linked below illustrate the university-wide Information Security Incident Response Procedure.  Sub-procedures within the overall process are maintained with the respective organizational units.

Challenge the conventional. Create the exceptional. No Limits.