Information Security Incident Management Standard

Date:	01/01/2025
Organization:	Cybersecurity and Enterprise Risk Management
Referenced Sources:	MGL Chapter 7D, Section 2

Date:

01/01/2025

Organization:

Cybersecurity and Enterprise Risk Management

Referenced Sources:

MGL Chapter 7D, Section 2

Contact

Cybersecurity and Enterprise Risk Management

Online

For cybersecurity or risk management questions: Email Cybersecurity and Enterprise Risk Management at ERM@mass.gov

Purpose

This standard documents the requirements for managing an information security incident; describes the actions to be taken should an incident occur; and details each phase of the incident management life cycle, including identification, investigation, response, and remediation.

Contact

Help Us Improve Mass.gov with your feedback

Did you find what you were looking for on this webpage?

Yes

If you have any suggestions for the website, please let us know. How can we improve the page?

Please do not include personal or contact information.

The feedback will only be used for improving the website. If you need assistance, please contact the Executive Office of Technology Services and Security. Please limit your input to 500 characters.

Please remove any contact information or personal data from your feedback. You will NOT get a response.

If you need assistance, please contact the Executive Office of Technology Services and Security.

Please let us know how we can improve this page.

Please remove any contact information or personal data from your feedback. You will NOT get a response.

If you need assistance, please contact the Executive Office of Technology Services and Security.

Policy Advisory Information Security Incident Management Standard

Contact

Cybersecurity and Enterprise Risk Management

Online

Table of Contents

Purpose

Downloads

Contact

Cybersecurity and Enterprise Risk Management

Online

Help Us Improve Mass.gov with your feedback