What steps are required to report a document-related security incident under UAP Document 301?

• A. Report incidents per the incident response plan; document scope, impact, actions taken, and remediation.
• B. Ignore incidents unless critical.
• C. Only log verbally.
• D. Wait for management to notice.

Answer: (A)

The required approach is to follow the incident response plan and create a formal record of what happened. When a document security incident is identified, you report it according to the established incident response plan and document key details: the scope of the incident (which documents or systems were affected, who accessed them), the impact (any data exposure or operational effects), the actions taken to contain or mitigate the incident, and the remediation steps planned or completed to prevent recurrence. This structured reporting ensures timely containment, provides a clear audit trail for accountability, supports appropriate notifications and coordination, and gives a basis for learning and improving defenses. Informal reporting, logging only verbally, or waiting for management to notice would fail to meet policy requirements and would miss essential documentation and traceability.