1 / 71100%
Name
Strayer University
Security Incident Response Plan (SIRP) Improvement
CIS 359 – Disaster Recovery Management
Assignment 14: Security Incident Response Plan (SIRP) Improvement
Due Week 8 and worth 75 points
You are the Chief Information Security Officer (CISO) for a large organization, and you have identified
the need to improve the existing Security Incident Response Plan (SIRP) to enhance the organization's
readiness for cybersecurity incidents. Your task is to conduct a comprehensive review of the current
SIRP and provide recommendations for improvement.
Write a paper in which you:
1. SIRP Review: Conduct a thorough review of the organization's existing Security Incident
Response Plan (SIRP). Assess the plan's structure, content, and alignment with industry
standards and best practices.
2. Incident Classification: Evaluate the process for classifying and categorizing cybersecurity
incidents within the SIRP. Discuss the criteria and decision-making process for incident
classification.
3. Incident Response Procedures: Analyze the incident response procedures outlined in the SIRP.
Assess the clarity and effectiveness of these procedures, including incident detection,
containment, eradication, and recovery steps.
4. Communication and Notification: Evaluate the communication and notification processes within
the SIRP. Assess how internal and external stakeholders are informed during a cybersecurity
incident.
5. Executive Summary: Draft an executive summary of your SIRP review and recommendations.
Summarize the key findings, areas of improvement, and the potential impact of enhancing the
SIRP.
6. References: Use at least three (3) quality resources to support your SIRP review and
recommendations. Ensure that your sources are reputable and relevant to security incident
response best practices.
Your assignment must follow these formatting requirements:
Be typed, double-spaced, using Times New Roman font (size 12), with one-inch margins on all sides;
citations and references must follow APA or school-specific format. Check with your professor for any
additional instructions.
Include a cover page containing the title of the assignment, your name, the professor's name, the course
title, and the date. The cover page and the reference page are not included in the required assignment
page length.
Use appropriate headings and subheadings to organize the content.
Use visual aids, such as flowcharts or diagrams, to illustrate key elements of the SIRP, if applicable.
The specific course learning outcomes associated with this assignment are:
Evaluate the effectiveness of a Security Incident Response Plan (SIRP) in preparing an organization for
cybersecurity incidents.
Analyze the alignment of a SIRP with industry standards, best practices, and regulatory requirements.
Assess the clarity and effectiveness of incident response procedures and communication protocols.
Develop recommendations for improving a Security Incident Response Plan (SIRP) to enhance an
organization's cybersecurity readiness.
Use technology and information resources to research issues in security incident response planning.
Write clearly and concisely about security incident response topics using proper writing mechanics and
technical style conventions.
Grading for this assignment will be based on answer quality, logic / organization of the paper, and
language and writing skills, using the following rubric.
Points: 75 Assignment 14: Security Incident Response Plan (SIRP) Improvement
Criteria Unacceptable
Below 60% F
Meets
Minimum
Expectation
s
60-69% D
Fair
70-79% C
Proficient
80-89% B
Exemplary
90-100% A
1. Detail the DR team
roles, responsibilities,
and sub teams that
would be implemented
and construct an
organizational chart for
the team through the
use of graphical tools
in Visio, or an open
source alternative such
as Dia.
Weight: 35%
Did not submit or
incompletely
detailed the DR
team roles,
responsibilities,
and sub teams
that would be
implemented and
did not submit or
incompletely
constructed an
organizational
chart for the team
through the use
of graphical tools
in Visio, or an
open source
alternative such
as Dia.
Insufficiently
detailed the DR
team roles,
responsibilities,
and sub teams
that would be
implemented
and
insufficiently
constructed an
organizational
chart for the
team through
the use of
graphical tools
in Visio, or an
open source
alternative
such as Dia.
Partially
detailed the DR
team roles,
responsibilities,
and sub teams
that would be
implemented
and partially
Students also viewed