Closed daddison48 closed 3 years ago
Some useful CivicActions documents exist, which can probably be usefully adapted:
https://handbook.civicactions.com/en/latest/100-security/incidents/
https://handbook.civicactions.com/en/latest/100-security/incident-response-plan/
https://handbook.civicactions.com/en/latest/100-security/incident-response-checklist/
@erogray to look for contractual language around critical defects (in base contract) — and language around "Critical incidents" in QASP document
can publish to a new subdirectory of https://github.com/department-of-veterans-affairs/va.gov-team/tree/master/platform/cms
https://docs.google.com/document/d/1QhRZ-mBF2-EEtjgmcUxAsdk_de3jL3jLESATOACGjRs/edit# seems like a good start — I have a couple questions about communications to stakeholders that are probably best answered by someone else on the team (perhaps @daddison48 or @cmaeng ) that are highlighted in the document. This is ready for review by someone besides myself and Vanessa.
@daddison48 would it be helpful to just schedule a meeting to talk through this?
I provided some thoughts and input in the doc. I think we may need to work towards a v1 of this plan and then iterate on a v1.1 as we make decisions around security incidents, oncall, ISSO, etc.
Story/Issue
As a user of the CMS I need to know when there are potential system issues or outages and the workarounds that affect my use of the system so that I can use workarounds to continue my work.
Background
On Friday (12/11/2020) CMS team became aware of a PIV login issue, but users were not notified until Tuesday (12/15) of the issue and the workaround to log in without PIV. Dave C. expressed concern over the fact that users were not notified outside of Slack, as most new users onboarding will not be Slack users.
Working group for this should be @oksana-c @olivereri @erogray @daddison48 (optional-ooo) @cmaeng @VanessaLuxen @indytechcook
ACs