Office of Information Security Logo
about UMS link buttonPolicies and Practices Link ButtonTraining and Services Link ButtonResources and Information Link ButtonContact Us Link Button
Policy and practices logo
Administrative Practice Letters
 
The Office of Information Security currently owns and presides over the Information Security Incident Response APL. The primary purpose of this APL is to provide guidance to all UMS staff regarding the overall UMS approach to responding to incidents, outlines procedures to be followed when an incident is discovered, and provides a foundataion for campuses to build local plans

Incident Response APL

To meet the purpose and goals, response to information security incidents must follow prescribed steps for initial assessment, investigation, reporting, and follow-up.  The specific procedures within these steps need to be tailored to the type and severity of the incident. 

To download and view the Incident Response APL in PDF format, please select the link below.

Incident Response APL (PDF)

Credit/Debit Card Standards (PCI) APL

To review the procedures and requirements for UMS departments accepting payments by credit/debit card, including information about:

  • Safeguarding personal cardholder information provided to the UMs, or its vendors on behalf of the UMS, to protect against theft or other misuse of the data; and
  • Complying with the requirements of the Payment Card Industry Data Security Standard (PCI DSS).

To download and view the Credit/Debit Card Standards (PCI) APL in PDF format, please select the link below.

Credit/Debit Card Standards (PCI) APL (PDF)


16 Central Street Bangor, Maine 04401
Telephone: (207) 973-3201 | Fax: (207) 973-3296
Express Message: (207) 973-3399 | TTY Phone (24 Hours)(207) 973-3262