Versions Compared

Old Version 56

changes.mady.by.user Pieter Nijs

Saved on

compared with

New Version 57

changes.mady.by.user Pieter Nijs

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This part of the iSHARE scheme is considered normative and is therefore compliant with RFC 2119.


The incident management process describes the steps that the Scheme Owner and adhering- and certified parties MUST take to solve incidents in the iSHARE network.

An incident is an event, not part of the standard service operation, that results in a potential impact or risk with regards to the quality, availability, confidentiality and/or integrity of (data within) the iSHARE scheme. This includes the data used for identification, authentication and authorisation purposes in the context of data exchange, but not the contents of the actual data exchange. 

Note incident resolution is NOT part of regular maintenance, and therefore is NOT subject to maintenance windows as described under service levels.


Three classifications of incidents are recognised within iSHARE. Note that the impact or risk described is non-exhaustive.

Classification

Impact or risk

Minor incident
  • Expected unavailability of < 8 hours of an adhering party or < 4 hours of a certified party or < 2 hours of the Scheme Owner, and/or;
  • (Potential) data security breach, for example through the loss of a USB stick, laptop, hard disk, or because of hacking attempts or found malware, and/or;
  • Fraud or presumption of fraud by, for example an employee or a hacker.
Calamity
  • Direct involvement of three or more adhering/certified parties, and/or;
  • Serious impediment(s) to other adhering/certified party(s), and/or;
  • Expected unavailability of > 8 hours of an adhering party or > 4 hours of a certified party or > 2 hours of the Scheme Owner, and/or;
  • Data security breach that needs to be reported in line with meldplicht datalekken, and/or;
  • (Other) impact on confidentiality and integrity.
Crisis
  • Involvement of 10 or more adhering/certified parties, and/or;
  • Serious impact on image and trustworthiness of iSHARE, and/or;
  • Expected unavailability of > 48 hours of a certified party or > 12 hours of the Scheme Owner, and/or;
  • Political implications, and/or;
  • Fundamental legal or technical vulnerability.

Goal

...

  • The Scheme Owner proactively coordinates the handling and solving of incidents, and assists if necessary;
  • Adhering/certified parties are responsible for reporting all incidents in the iSHARE network, and taking the steps necessary to handle and solve incidents.

Expected administrative burden on the Scheme Owner

...

  • .

Sequence

          Before initiating the process as below, the reporting party, in conjunction with the causing party (if not the same) MUST assess together whether the event deemed an incident is indeed an incident. 

...