Incident Response Plan

profilesepola
bd_ch_10_sect_03_04.html
Home>Computer Science homework help>Incident Response Plan

Planning to Recover

To plan for disaster, the CPMT engages in scenario development and impact analysis, along the way categorizing the level of threat that each potential disaster poses. When generating a DR scenario, start with the most important asset: people. Do you have the human resources with the appropriate organizational knowledge to restore business operations? Organizations must cross-train their employees to ensure that operations and a sense of normalcy can be restored. In addition, the DR plan must be tested regularly so that the DR team can lead the recovery effort quickly and efficiently. Key elements that the CPMT must build into the DR plan include the following:

  1. Clear Delegation of Roles and Responsibilities—Everyone assigned to the DR team should be aware of his or her duties during a disaster. Some team members may be responsible for coordinating with local services, such as fire, police, and medical personnel. Some may be responsible for the evacuation of company personnel, if required. Others may be assigned to simply pack up and leave.

  2. Execution of the Alert Roster and Notification of Key Personnel—These notifications may extend outside the organization to include the fire, police, or medical services mentioned earlier, as well as insurance agencies, disaster teams such as those of the Red Cross, and management teams.

  3. Clear Establishment of Priorities—During a disaster response, the first priority is always the preservation of human life. Data and systems protection is subordinate when the disaster threatens the lives, health, or welfare of the employees or members of the community. Only after all employees and neighbors have been safeguarded can the DR team attend to protecting other organizational assets.

  4. Procedures for Documentation of the Disaster—Just as in an incident response, the disaster must be carefully recorded from the onset. This documentation is used later to determine how and why the disaster occurred.

  5. Action Steps to Mitigate the Impact of the Disaster on the Operations of the Organization—The DR plan should specify the responsibilities of each DR team member, such as the evacuation of physical assets or making sure that all systems are securely shut down to prevent further loss of data.

  6. Alternative Implementations for the Various System Components, Should Primary Versions Be Unavailable—These components include stand-by equipment, either purchased, leased, or under contract with a DR service agency. Developing systems with excess capacity, fault tolerance, autorecovery, and fail-safe features facilitates a quick recovery. Something as simple as using Dynamic Host Control Protocol (DHCP) to assign network addresses instead of using static addresses can allow systems to regain connectivity quickly and easily without technical support. Networks should support dynamic reconfiguration; restoration of network connectivity should be planned. Data recovery requires effective backup strategies as well as flexible hardware configurations. System management should be a top priority. All solutions should be tightly integrated and developed in a strategic plan to provide continuity. Piecemeal construction can result in a disaster after the disaster, as incompatible systems are unexpectedly thrust together.

As part of DR plan readiness, each employee should have two types of emergency information card in his or her possession at all times. The first lists personal emergency information—the person to notify in case of an emergency (next of kin), medical conditions, and a form of identification. The second contains a set of instructions on what to do in the event of an emergency. This snapshot of the DR plan should contain a contact number or hotline for calling the organization during an emergency, emergency services numbers (fire, police, medical), evacuation and assembly locations (e.g., storm shelters), the name and number of the DR coordinator, and any other needed information.

Listen webReader by ReadSpeaker Open/close toolbar