Statutes, codes, and regulations
Louisiana Administrative Code
Title 42 - LOUISIANA GAMINGPart III - Gaming Control Board
Chapter 28 - Casino Computer Systems
Section III-2807 - Incident Response Plan

La. Admin. Code tit. 42 § III-2807

Download
PDF
Current through Register Vol. 50, No. 6, June 20, 2024
Section III-2807 - Incident Response Plan
A. To ensure that computer systems and network security threats are responded to in a timely and effective manner, an operational incident response plan shall be developed, implemented, and maintained. Licensees and casino operators shall reference the incident response plan in their internal controls, but the plan shall be maintained outside the internal controls to ensure it is updated.
B. The incident response plan shall:
1. detail adequate preparation, detection, analysis, containment, recovery, and response activities;
2. define roles and responsibilities in the event of a security incident;
3. include measures for tracking, documenting, and reporting security incidents to appropriate officials and/or authorities and the division;
4. have a definitive communication plan including both internal and external communication; and
5. be formally documented and tested every three years.

La. Admin. Code tit. 42, § III-2807

Promulgated by the Department of Public Safety and Corrections, Gaming Control Board, LR 442016 (11/1/2018).
AUTHORITY NOTE: Promulgated in accordance with R.S. 27:15 and 24.