InContext Solutions
Incident ManagementLast reviewed: December 2024

Network Remediation

Overview

This policy outlines the actions and procedures necessary to maintain and remediate issues within our internal computer systems effectively.

Purpose

The purpose of this policy is to establish a clear objective for timely remediation of issues that may arise, ensuring operational integrity and security.

Scope

This policy applies to all network switches, firewalls, and servers utilized by InContext Solutions.

Policy

  1. Alert Generation

    • An alert regarding potential issues will be triggered either by a designated person or by an automated monitoring system.

  2. Alert Classification

    • Each alert will be assigned a classification to prioritize response actions.

  3. Defining Alert Classifications:

    • Green: Indicates that the alert is of no concern and does not require any action.
    • Yellow: Indicates an issue that requires attention but is not urgent.
    • Red: Indicates a critical issue that requires immediate attention and action.

  4. Ticket Creation

    • Based on the alert classification, a remediation ticket will be created. The ticket will document the alert details and the classification assigned.

  5. Action and Resolution

    • The responsible personnel will take appropriate actions to resolve the issue documented in the ticket. This may involve troubleshooting, reconfiguration, or collaboration with other teams as necessary.

  6. Ticket Closure

    • Once the actions taken have resolved the issue, the ticket will be closed. There should be a summary of actions taken along with confirmation that the issue has been satisfactorily addressed.

Policy Compliance

  • Compliance Measurement

    • The Information Security (Infosec) Team will verify compliance with this policy through regular monitoring, audits, and reviews of the remediation process. This includes assessing response times, ticket resolutions, and classification accuracy.

  • Exceptions

    • Any exceptions to this policy must be documented and approved in advance by the Information Security Team. Requests for exceptions must be justified and assessed for potential impact.

Revision History

Date of ChangeResponsibleSummary of Change
March 2026ICS InfoSec TeamPublished to Trust Center