The State Incident Response Team (SIRT) responds to information security incidents that potentially impact multiple agencies or which pose a significant threat to the State of Oregon. The SIRT is responsible for coordinating interagency security incident response resources and communications during or about an information security incident that impacts multiple agencies. The SIRT collects, classifies and catalogs all reported information security incidents. When an information security incident occurs that does not require SIRT involvement, the SIRT may assist agencies in responding to an information security incident upon request. The SIRT maintains confidentiality in accordance with agency policy, rules and legal requirements on all information security incidents reported to it.
DAS, through the Enterprise Security Office, has authority and responsibility for the statewide incident response program. The program establishes enterprise procedures, standards and guidelines for statewide and agency-level information security incident response. The ESO maintains a forensics program capable of assisting agencies.