Skip to main content

Reporting of Information Security Incidents

Introduction

This Directive at Concordia University sets a standard for everyone to report any suspicious incidents regarding the security of the university's computer systems. The IT Support Staff will handle these incidents in coordination with the cybersecurity operations team, following Concordia’s Incident Response Plan and Quebec government regulations. 

Why is this required? The Chief Information Security Officer issued this Directive under the Information Security Policy (VPSS-33). VPSS-33 is adopted in accordance with the Directive sur la sécurité de l’information gouvernementale (section 7) which requires public bodies to adopt and implement a policy on the security of information. 

What this means for you

All Information Security Incidents must be reported including:

  • unauthorized access,
  • phishing emails,
  • theft,
  • system or network intrusions,
  • willful damage, and
  • fraud.

The university's cybersecurity team will take charge of the incident to ensure a timely and appropriate response, meeting all legal obligations.

Feedback

The Chief Information Security Officer is responsible for implementing, reviewing, and approving this Directive and for conducting regular reviews to ensure compliance with internal and external requirements. If you have any feedback or questions about this Directive, please email ciso@concordia.ca

For accessibility-related questions or feedback related to IT security incidents, email iits-accessibility@concordia.ca.

Contact the service desk

Get user support and technical help

514-848-2424, ext. 7613
help@concordia.ca

REPORT AN INCIDENT

If you feel something unsafe has occurred to your computer or network, please report the incident immediately.

Back to top

© Concordia University