Question HLIH-05

Do you have the capability to respond to incidents on a 24 x 7 x 365 basis?

Standard Guidance

EDUCAUSE provides no guidance here

Answering "NO"

State plans to implement this capability in the future.

Answering "YES"

Describe the implemented procedure for 24 x 7 x 365 coverage.

Reason for Question

The capacity for the vendor to respond effectively (and quickly) to a security incident is of the utmost importance. The size and talent of a vendor's incident response team will determine their capabilities during a security incident. Use the knowledge of this response when evaluating other vendor statements, particularly when discussing degraded operation states.

Follow-Up Inquiries

If the vendor does not have an incident response plan, point them to the NIST Computer Security Incident Handling Guide at https://csrc.nist.gov/publications/detail/sp/800-61/rev-2/final (opens in a new tab)

HECVAT Pro Advice

[Add expert insights and best practices]

Implementation Tips

[Add practical steps for SME SaaS vendors]

FAQ

[Add common questions related to this HECVAT item]

Resources

[Add links to relevant articles or tools]