Retrieved from https://studentshare.org/environmental-studies/1410868-information-security-management
The fourth step is associated with creating contingency strategies. In the fifth step, the information technology contingency plan is developed. The sixth step involves training, testing, and exercises. In the seventh step, a maintenance plan document is developed. The recommended standard approach is to combine system development life cycle (SDLC) risk management considerations with the process of contingency planning.

2 Incident Response Planning Steps

Incident response planning is associated with a detailed set of processes and procedures that mitigate, detect and foresee the scope of an unexpected event directly impacting information resources and assets.

Incident Detection

Incident detection determines whether an event has occurred due to routine operations or is an actual incident. The identification of incidents, also known as incident classification, involves analyzing whether an incident is genuine. Reports from system administrators, as well as from intrusion detection systems and anti-virus software, may facilitate incident classification.

Incident Response

After an actual incident has been identified, the incident response personnel follow a responsive approach. This approach includes informing key personnel, allocating tasks and documenting the incident.

Incident Escalation

If the incident response team cannot contain the incident, the impact of the incident is significantly out of reach. Prioritizing business processes according to business impact is essential. For instance, if a fraud risk management server in a bank stops responding, the business impact will be ‘most critical’.

Incident Recovery

After the incident has been contained, the process of incident recovery begins. The incident response team must comply with “What to do to recover from the incident”. The team must restore services, back up data, continuously monitor the affected system, etc.

3 Criteria for Law Enforcement Agencies

Law enforcement agencies should be involved if any incident violates civil and criminal law. It is the sole responsibility of the organization to inform law enforcement agencies. However, which type of enforcement agency to involve depends on the type of crime committed.

4 Why Are Business Continuity Plans Tested and Rehearsed?

Plans are tested and rehearsed to ensure that the ongoing projects meet the changing needs of the organization. Secondly, the plans are also tested and rehearsed to ensure that the capacity of the organization is compliant with all the applicable regulations.

5 Summary for Special Publication (SP) 800-34 Contingency Planning Guide

This publication provides recommendations, instructions, and considerations for federal information system contingency planning. Contingency planning is associated with the intermediate control measures for incidents related to information system services, which may occur due to interruption. The intermediate controls consist of recovering information system functions through the exchange of equipment, the performance of information systems, and the relocation of information systems. The guide addresses contingency planning for three platforms: client/server architecture, mainframe systems and telecommunication systems.

Moreover, the guide provides seven progressive steps for the contingency planning process. The 7 steps are: Contingency plann