Update the communication section of the incident process documentation to state that we should CC our CDC stakeholders.

[scleary1cs]

DevEx/OpEx

Update the communication section of the incident process documentation to state that we should CC our CDC stakeholders (need to find out who we would actually e-mail, e.g. Manjula, etc.) and our [email protected] mailing list address. And when, is it any incident?

Adding:
Determine point of contacts with partners, and add those to our documented processes

Tasks

• Something.

Additional Context

Add any other context or screenshots about the work here.

[csweet92]

I'm happy to take this one

[csweet92]

Is this a different communication from the email templates we already have for the CDC? @JohnNKing

[JohnNKing]

@csweet92 I don't think we've decided, but my recommendation is to re-use the existing email templates. Either by:

1. Adding a notification templates specifically for the CDC, or
2. Piggybacking on the existing messages; CCing the CDC and making it clear in the process doc that it's the official way of notifying the CDC to an incident.

Also, we may need to use a separate process for security incidents... I'm not certain

[sfradkin]

I'd recommend reaching out to the ISSO to see if they can assist with the security incident process. It may or may not be significantly different. There might be documentation somewhere in the CDC sharepoint system or something. At the very least I'd expect we need to notify the SOC (or equivalent), but may also need to quarantine system state or other things.

[csweet92]

@JohnNKing I think for now the simplest solution would be to CC our CDC partners on the email templates. Is there anyone else who should be included as a partner, other than Manjula and Luther?

[sfradkin]

probably Rebecca for visibility

[JohnNKing]

@JohnNKing I think for now the simplest solution would be to CC our CDC partners on the email templates. Is there anyone else who should be included as a partner, other than Manjula and Luther?

+1 regarding adding Rebecca for visibility. Also our team? My only other thought is if we'd want use the same approach for notifying the ReportStream support team.

[csweet92]

@JohnNKing Sounds good. What's the RS support team email?

[JohnNKing]

@csweet92 I'm not actually sure... I see there's a contact form on https://reportstream.cdc.gov/ -- perhaps there's a distribution list behind this that we could use? I think we'll need to ask them.

[csweet92]

It looks like this is the RS support email [email protected]. I added it to the doc as well

[csweet92]

@JohnNKing @scleary1cs Would you mind taking a look and let me know what you think?
https://www.notion.so/flexion-cdc-ti/Process-92fb2c124c4146faa69429ec017902b0?pvs=4#10b5955365f5805eb110c271b881e5c8

[JohnNKing]

@JohnNKing @scleary1cs Would you mind taking a look and let me know what you think? https://www.notion.so/flexion-cdc-ti/Process-92fb2c124c4146faa69429ec017902b0?pvs=4#10b5955365f5805eb110c271b881e5c8

I like the improvements!

Once we have a list of partner contacts for incidents, I wonder if we could include that in the 1-page incident handling guide. I.e. something that could be copy-pasted. #1352