Incident Response Plan

profilesepola
bd_ch_10_sect_02.html
Home>Computer Science homework help>Incident Response Plan

Incident Response

Most organizations have experience detecting, reacting to, and recovering from attacks, employee errors, service outages, and small-scale natural disasters. While they may not have formally labeled such efforts, these organizations are performing incident response (IR) An organization’s set of planning and preparation efforts for detecting, reacting to, and recovering from an incident. . IR must be carefully planned and coordinated because organizations heavily depend on the quick and efficient containment and resolution of incidents. Incident response planning (IRP) The actions taken by senior management to develop and implement the IR policy, plan, and computer security incident response team. , therefore, is the preparation for such an effort. Note that the term incident response could be used either to describe the entire set of activities or a specific phase in the overall reaction. However, in an effort to minimize confusion, this text will use the term IR to describe the overall process, and reaction rather than response to describe the organization’s performance after it detects an incident.

In business, unexpected events sometimes happen. When those events represent the potential for loss, they are referred to as adverse events An event with negative consequences that could threaten the organization’s information assets or operations. Sometimes referred to as an incident candidate. or incident candidates See adverse event. . When an adverse event begins to manifest as a real threat to information, it becomes an incident An adverse event that could result in a loss of information assets, but does not threaten the viability of the entire organization. . The incident response plan (IR plan) The documented product of incident response planning; a plan that shows the organization’s intended efforts in the event of an incident. is usually activated when the organization detects an incident that affects it, regardless of how minor the effect is.

Listen webReader by ReadSpeaker Open/close toolbar