Tuesday, May 7, 2019

Information Security Management Essay Example | Topics and Well Written Essays - 1250 words

Information Security Management - Essay ExampleThe fourth step is associated with creating contingency strategies. In the fifth step, information technology contingency purpose is developed. The sixth step involves training, testing, and exercise. A maintenance plan document is developed, in the seventh step. The recommended standard approach to the process is to combine the both system evolution and life cycle (SDLC) find management contemplation for the process of contingency planning. 2 Incident solvent Planning Steps The resultant response planning is associated with detailed set of processes and procedures which mitigate, detect and foresee the backcloth of an unexpected event directly impacting on information resources and assets. Incident Detection Identifying the incident to determine whether the incident has occurred due to routine operations or it is the occurrence of an actual incident. The identification of incidents, also known as incident classification, is asso ciate to analyze the originality of an actual incident. However, reports from system administrators, including intrusion detection systems, anti-virus softw atomic number 18 may accelerate to incident classification. Incident Response After the identification of actual incident, the incident response personnel fall out with a responsive approach. Likewise, the responsive approach includes informing to key personnel, allocating tasks and documenting the incident. Incident Escalation If the incident response squad up cannot contain the incident, the impact of the incident is significantly out of reach. Prioritizing business processes as per business impact is essential. For instance, (fraud risk management server) in a bank stops responding, the business impact will be most critical. Incident Recovery After the containment of the incident, the process of incident recovery initializes. The incident response team must comply with What to do to recover from the incident. The team mus t restore services, backup data, continuously monitor the effected system etc. 3 Criteria for Law Enforcement Agencies The law enforcements agencies should be involved if both incident violates civil and criminal law. It is the sole responsibility of the arranging to inform law enforcement agencies. However, the involvement of what fibre of enforcement agencies relates to the type of crime conducted. 4 Why businesses Continuity Plans are tested and rehearsed? Plans are tested and rehearsed to pick up that the ongoing projects meet the changing needs of the organization. Secondly, the plans are also tested and rehearsed to ensure that the capacity of organization is compliant with all the applicable regulations. 5 Summary for Special Publication (SP) 800-34 Contingency Planning strike For federal information system contingency planning, this publication provides recommendations, instructions, and considerations. Contingency planning is associated with the intermediate control m easures for incidents related to information system services, which may occur due to interruption. The intermediate controls consist of recovery of information systems serve well by utilizing equipments exchange, performance of information systems, and relocation of information systems. This guide addresses contingency planning to three platforms. The platforms are Client / Server Architecture, mainframe systems and Telecommunication systems. Moreover, the guide provides seven progressive steps for contingency planning process. The 7 steps are Contingency plann

No comments:

Post a Comment