Академический Документы
Профессиональный Документы
Культура Документы
Department
Business Unit
Agency Contact
email
Phone
Date
Instructions
Further information
OFFICIAL #
Choose
2. Click on the 'Detailed reporting' tab and fill out ALL 'Mandatory' fields
3. Indicators of Compromise (IOC's) is a 'Mandatory' field however, there may be more IOC's than can
fit in the cell. In this instance, click the 'IOC' tab, reference the relevant 'Incident number', assign the
'Type' of IOC and finally enter the actual IOC data.
4. Once the 'Cover', 'Detailed reporting' and 'IOC' sheets have been completed, please ensure it is
emailed to the Queensland Government Information Security Virtual Response Team
- Email: QGISVRT@qld.gov.au
- Subject: <Department Name> - Q<number> - <year> - Quarterly Information Security Incident Report
Number Business Impact Level Date and Time Discovered Contact Information Incident Type Incident Summary Incident Scope
2 Choose Choose
3 Choose Choose
4 Choose Choose
5 Choose Choose
6 Choose Choose
7 Choose Choose
8 Choose Choose
9 Choose Choose
10 Choose Choose
11 Choose Choose
12 Choose Choose
13 Choose Choose
14 Choose Choose
15 Choose Choose
16 Choose Choose
17 Choose Choose
18 Choose Choose
19 Choose Choose
20 Choose Choose
21 Choose Choose
22 Choose Choose
23 Choose Choose
24 Choose Choose
25 Choose Choose
26 Choose Choose
27 Choose Choose
28 Choose Choose
29 Choose Choose
OFFICIAL #
30 Choose Choose
31 Choose Choose
32 Choose Choose
33 Choose Choose
34 Choose Choose
35 Choose Choose
36 Choose Choose
37 Choose Choose
38 Choose Choose
39 Choose Choose
40 Choose Choose
41 Choose Choose
42 Choose Choose
43 Choose Choose
44 Choose Choose
45 Choose Choose
46 Choose Choose
47 Choose Choose
48 Choose Choose
49 Choose Choose
50 Choose Choose
OFFICIAL #
Incident Closure
Have steps been taken to
Is the incident inside the Has evidence been
Impact to Department Indicators of Compromise Mitigating factors applied Brief description of response actions performed prevent the incident from
trusted network? preserved?
happening again?
Describe what controls were implemented Describe what response actions were performed
How is the Department affected? Included in IOC worksheet
to contain / mitigate the incident once notified of the incident
NON-MANDATORY
Asset BIL Context Impact Context
Has the policy been Estimated cost of the
Physical locations Service Operating system/version affected
reviewed to prevent incident (incl. containment / Date closed Confidentiality Rating Integrity Rating Availability Rating Cause Origin Affect
of the incident? outsourced? (if applicable)
reoccurrence? prevention)
Choose Confidentiality - Medium Integrity - Medium Availability - Low Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
Choose Choose Choose Choose Choose Choose Choose Choose
OFFICIAL #
CATORS OF COMPROMISE
Data
enter IOC data here
OFFICIAL #
Choose
BIL-Low
BIL-Medium
BIL-High
INCIDENT CLASSIFICATION
Choose
Theft/loss of assets
Account Compromise
Phishing
Malware infections
Ransomware infections
Abuse of privileges
Password confidentiality
Sabotage/physical damage
Other events
IMPACT
Choose
Confidentiality
Integrity
Availability
CAUSE
Choose
Deliberate
OFFICIAL #
Accidental
Error
ORIGIN
Choose
Internal
External
AFFECT
Choose
Data
Infrastructure
People
Service
SEVERITY
Choose
None/Negligible
Minor
Moderate
High
Very High
SERVICE OUTSOURCED
Choose
Yes
No
Choose
Not Applicable
Up-to-date
Not up-to-date
Choose
OFFICIAL #
Not Applicable
Yes
No
Choose
Not Applicable
Up-to-date
Not up-to-date
Choose
Yes
No
FOLLOWUP
Choose
Yes
No
AUTHORITIES
Choose
Queensland Police
IOC Type
Choose
IP address (V4)
URI
URL
Email address
Email subject line
Host name
Domain name
MD5 Hash
SHA1 hash
SHA256 hash
SHA384 hash
SHA512 hash
Address
Asynchronous Transfer Mode address
OFFICIAL #
BIL Types
Choose
Confidentiality - Low
Confidentiality - Medium
Confidentiality - High
Choose
Integrity - Low
Integrity - Medium
Integrity - High
Choose
Availability - Low
Availability - Medium
Availability - High
Quarter Selector
Choose
Quarter 4 - 2018
Quarter 1 - 2019
Quarter 2 - 2019
Quarter 3 - 2019
Quarter 4 - 2019
Quarter 1 - 2020
Quarter 2 - 2020
Quarter 3 - 2020
Quarter 4 - 2020
Quarter 1 - 2021
Quarter 2 - 2021
Quarter 3 - 2021
Quarter 4 - 2021
OFFICIAL #
IOC - Mandatory
Choose
Already supplied to QGISVRT
Included in IOC worksheet
No relevant IOC's to report
OFFICIAL #
ware/software) or communications)