Contract Process
Response Process during a Security Accident
| (1) | Intrusion related system logs are transmitted from security equipment to Site Server. |
| (2) | Warning messages and calls for in-charge are forwarded according to the methods specified in Site Server. |
| (3) | Intrusion related logs are transmitted from Site Server to Center Server. |
| (4-1) | Warning messages and calls for in-charge are forwarded to console connected to Center Server and situation panel according to the methods specified in log transmitting Center Server. |
| (4-2) | System intrusion is recognized by such methods as situation panel, console, and call. |
| (5-1) | CERT team notified of intrusion. |
| (5-2) | Accident occurrence reported to Security Manager. |
| (5-3) | Recognition status for site Security Manager is verified. In case of Security Manager's absence, the person in charge of the site shall be notified for necessary actions. |
| (6-1) | Upon receipt of the notification, the Security Manager should, when necessary, cooperate with other related organizations. |
| (6-2) | CERT team grasps the causes of the problem and takes necessary actions to the affected system using remote methods. |
| (6-3) | Person in charge of site security checks the affected system, takes necessary action, or contacts the manager of the system being affected for action. In case of in-charge's absence, emergency communication network should be operated accordingly. |
| (7) | Accident handling and completion reporting |
