
7009 Incident Response
The college's cybersecurity policy requires an incident response capability that covers preparation, detection (both automated monitoring and the intake of reported incidents), analysis, containment, eradication, and recovery, in alignment with the NIST SP 800-53 Rev. 5 incident response controls.
The college maintains and makes available a current and viable Incident Response Plan (IRP) to all stakeholders, ensuring that all relevant personnel are trained on its contents and procedures.
The college's incident response policy shall include a provision for regular review and modification of incident response practices to incorporate lessons learned, business process changes, and industry developments as necessary. This shall ensure that the organization remains adaptive and able to effectively respond to evolving cyber threats and incidents.
The college will establish an integrated team comprising cybersecurity experts, IT professionals, and business function representatives to collaborate on incident response operations, ensuring a holistic and coordinated approach to addressing cybersecurity and data privacy incidents effectively and efficiently.
The college shall ensure timely reporting of cybersecurity incidents to internal stakeholders, affected clients and third parties, and regulatory authorities, within the timeframes and through the channels defined in the established incident response procedures.
The college shall conduct post-incident reviews and analysis of all cybersecurity and data privacy incidents to identify root causes and lessons learned. These insights shall be documented and incorporated into the organization's cybersecurity incident response plan and controls framework to enhance resilience and reduce the likelihood or impact of future incidents.
The college will retain Personal Data (PD), including associated metadata, only for an organization-defined period consistent with the stated purpose of collection or applicable legal requirements. The college has established procedures for the secure disposal, destruction, erasure, or anonymization of PD regardless of the storage medium, and employs organization-defined techniques for the secure deletion or destruction of PD, including originals, copies, and archived records, to preserve data privacy and confidentiality.