Regulation 23 of the Framework Regulations, requires Network Operators providing public communications networks or publicly available electronic communications services to notify the ComReg in the event of a breach of security or loss of integrity that has a significant impact on the operation of networks or services.
Where ComReg receives such reports, it is required to inform the Minister and, where appropriate, the European Network and Information Security Agency (ENISA).
Management of an incident is the responsibility of the Network Operator concerned, calling upon resources as appropriate to assist in the efficient handling of the issue. In some circumstances this may include a Network Operator requesting the support of ComReg, for example to assist in its coordination of the incident response with other parties such as other interconnected Network Operators.
ComReg document 14/02 sets out guidance on Incident Reporting and Minimum Security Standards for Network Operators.
Network Operators should report incidents using the following form: