Incident Reporting Procedures
Best practices and how to report an incident correctly.
Procedures
Good practices
Because we work with complex systems, incidents in normal usage are common, for example:
- Expired passwords.
- Locked accounts.
- Insufficient disk quotas.
- Software failures.
- Etc.
Some of these situations are easily avoided with very simple measures, such as following a proper password policy (store them securely, rotate them...) or keeping files and their sizes within reasonable limits (removing anything unnecessary). Applying these basic measures benefits all users as well as the Systems Department, so responsible user account management is strongly recommended.
Reporting incidents
If an incident occurs, there are two email addresses to report it to:
cierzo@bifi.es
agustina@bifi.es
Each address corresponds to one of the center's systems.
To resolve problems, context is necessary, so reports should follow a specific format.
Example:
Incorrect way to report an incident:
Hi. I don't have memory.
Correct way to report an incident:
Good morning.
My name is XXX, my username is YYY on system ZZZ.
Description of the problem (software involved, circumstances, tools used, IP address if relevant, etc.). In general, all details that clarify the incident.
Output of commands (error codes, reports, screenshots, logs or whatever is appropriate)
Users should keep in mind that the more information they provide, the easier it will be to resolve the issue.
Once the report is received, it will be queued with an assigned priority. Naturally, resolution times vary widely and multiple incidents of different types are often open at the same time, so it is recommended to give the Systems Department a reasonable amount of time before requesting updates on a specific issue.
If no response is received after several days, it is recommended to contact the addresses above again or to contact members of the Systems Department directly.