Information security incident reporting spreadsheet
For quarterly reporting, all incidents must be reported to the Queensland Government Information Security Virtual Response Team (QGISVRT). During completion of the reporting spreadsheet agencies should avoid including any confidential, sensitive and personal information where possible, just a broad outline of the incident details is sufficient.
In addition, agencies will only be required to submit incidents that have been resolved during the reporting period. Any unresolved incidents should be included in the next reporting period. If an incident remains open after a second reporting period then it should be brought to the QGISVRTs attention via a separate report attached to the information security incident reporting spreadsheet.