Incident Response Plan

sepola
bd_ch_10_sect_03_01.html
Home>Computer Science homework help>Incident Response Plan

The Disaster Recovery Process

In general, a disaster has occurred when either of two criteria is met:

  • (1)

    The organization is unable to contain or control the impact of an incident, or

  • (2)

    the level of damage or destruction from an incident is so severe that the organization cannot quickly recover from it.

The distinction between an incident and a disaster may be subtle. The DRPT must document in the DR plan whether an event is classified as an incident or a disaster. This determination is critical because it determines which plan is activated. The key role of the DR plan is to prepare to reestablish operations at the organization's primary location after a disaster or to establish operations at a new location if the primary site is no longer viable.

You learned earlier in this chapter about the CP planning process recommended by NIST, which uses seven steps. In the broader context of organizational CP, these steps form the overall CP process. These steps are adapted and applied here within the narrower context of the DRP process, resulting in an eight-step DR process.

  1. Organize the DR Team—The initial assignments to the DR team, including the team lead, will most likely be performed by the CPMT; however, additional personnel may need to be assigned to the team as the specifics of the DR policy and plan are developed, and their individual roles and responsibilities defined and assigned.

  2. Develop the DR Planning Policy Statement—A formal department or agency policy provides the authority and guidance necessary to develop an effective contingency plan.

  3. Review the BIA—The BIA was prepared to help identify and prioritize critical information and its host systems. A review of what was discovered is an important step in the process.

  4. Identify Preventive Controls—Measures taken to reduce the effects of business and system disruptions can increase information availability and reduce contingency life cycle costs.

  5. Create DR Strategies—Thorough recovery strategies ensure that the system can be recovered quickly and effectively following a disruption.

  6. Develop the DR Plan Document—The plan should contain detailed guidance and procedures for restoring a damaged system.

  7. Ensure DR Plan Testing, Training, and Exercises—Testing the plan identifies planning gaps, whereas training prepares recovery personnel for plan activation; both activities improve plan effectiveness and overall agency preparedness.

  8. Ensure DR Plan Maintenance—The plan should be a living document that is updated regularly to remain current with system enhancements.

Listen webReader by ReadSpeaker Open/close toolbar