Computer and Information Security Incident Quick Reference Guide

Definition of Computer and Information Security Incident

  • A computer security incident is a violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices. 
  • An information security incident is any information technology-related incident in which sensitive data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do.

Who should report a Computer Security or Information Security Incident?
All users of SLU IT resources are responsible for reporting suspected and confirmed incidents. When an incident occurs, follow these tips:

  • Stay calm. The Information Security team has a process in place to address these issues.
  • Immediately document the event (i.e. time, date, file name, application name, how discovered, type of data loss or exposure).
  • Don't act hastily. The accuracy of the information is more important than how quickly it is addressed and resolved.
  • Do not modify or make any changes to the system. This could impact file logs or contaminate system evidence.
  • Involve senior management early. Remind them that details of the incident are to be kept confidential especially in the early stages as data is being collected.
  • Don't withhold information. All details, no matter how insignificant it may seem, should be shared so informed decisions can be made.

How do I report a Computer or Information Security Incident?
Call or email the Information Security Team at 314-977-5499 or

To report a computer or information security incident, 
contact the Information Security team by 
email or call 314-977-5499.

To contact the ITS Service Desk, email or call 314-977-4000

To report a Compliance issue:


What type of Information Security Incident should be reported?

  • Serious incidents are those that meet one or more of the following criteria:
  • Involves unauthorized access to, loss or theft of a device known to store, process or transmit sensitive. 
  • Involves the suspected compromise of a critical enterprise security device, such as a data center firewall, border firewall, or authentication service.
  • Involves compromise of an ITS-managed networking device, such as a router or switch.
  • Causes the extended unavailability of a service critical to the University's mission. 
  • Involves a significant number of University systems, indicating a widespread attack.
  • In the judgment of the CIO or ISO, poses a high severity risk to University systems or information.

Sensitive Data is a blanket term used to designate classes of data with a high level of sensitivity that the University is legally or contractually required to protect. At Saint Louis University, sensitive data refers to personally identifiable information (PII) such as:

  • Social security number
  • Credit card number
  • Driver's license number
  • Student records
  • Protected health information (PHI)
  • Human subject research

Compromised user or email accounts associated with sensitive data should also be reported.