17.8.35 Information security incident

Information security incidents are defined as a single or series of unwanted events that compromise (or are likely to compromise) the confidentiality, integrity or availability of OIST information assets and/or breach OIST policy or Japanese law. A compromise is an incident where the security of a system or its information was successfully harmed.

Examples of information security incidents include:

  • Data loss due to any cause including operation error such as personal data being e-mailed to the wrong recipient
  • Unauthorized use of a system for the processing or storage of data
  • Noncompliance with information security and acceptable use policies
  • Theft or other loss of a laptop, desktop, PDA, or other device that stores the University information, whether or not the device is owned by the University
  • Attempts (either failed or successful) to gain unauthorized access to a system or its data
  • Unwanted disruption or denial of service
  • Malfunctions of software or hardware

Table of Contents