Request an Investigation

To initiate an investigative request, the individual (agency business staff or DTS Agency Services IT Director) requesting an investigation needs to answer the following questions on DTS Information Security Request Form:

1. What type of request it is (agency, DTS internal, GRAMA, security incident)?
2. Who is requesting it (business manager/supervisor)?
3. Who is approving it (business leader/HR representative):
4. What is the scope of the request:

a. The type of information requested, such as e-mail, web traffic logs, disk images, file directory listings, state phone records, etc.;
b. The date range for requested information; and
c. Requested completion date.

5. Period of time request is valid; and
6. Who will receive the findings/report.

It is especially important that each request be signed by an appropriate business leader and, when appropriate, a Human Resources (HR) representative. Their signatures approve the request to move forward.

All requests need to be forwarded to the Chief Information Security Officer’s (CISO) for review and authorization of DTS staff.

It is possible some requests will require additional resources outside of DTS or could incur expenses not covered by the security rate. In such cases, the CISO will contact the appropriate Agency Services IT Director to discuss the situation and determine if special billing agreement (SBA) is necessary to cover potential expenses (overtime, over night travel outside consulting, etc.) before moving forward with the request.

 

 

Goals

 

The primary goals in formalizing and centrally managing information security investigative requests are:

1. Protecting state staff through a consistent process that controls access to confidential information, protects reputations from unauthorized discussion of unsubstantiated claims, and reduces the likelihood of findings being inappropriately disclosed.

2. Maintaining the security of the State of Utah’s information resources.

3. Promoting consistency and accountability in securely investigating: compliance violations of the State’s Acceptable Use Policy (AR895-07) and unauthorized access of confidential information.

Policies

• Approved (Public)
• Approved (DTS Employees Only)
• Draft (DTS Employees Only)

Standards

• Enterprise Security Wiki
• Enterprise Security Standards

Guidelines

• Enterprise Security Architecture

Procedures

• Link

Forms

• DTS Form 505 Security Investigation Request