Custom An Incident Response Policy essay paper sample
Buy custom An Incident Response Policy essay paper cheap
Incident Response Policy is very vital to any company as part of its overall business continuity plan. The incident response policy helps in minimizing security vulnerabilities, same time gives a response to any security incidence in a more precise and organized manner (Tipton 2000). Among the common security incidents experienced are viruses’ attacks, unauthorized access, malware attacks, denial of service attacks and network probes which greatly affects a company’s information’s systems and networks leading to break downs. This policy shall put in place what is authorized and what shall not, it will also allocate organizational responsibilities to the incident response team, develop a disaster recovery process and outline it in the business continuity plan so as to develop a clear incident response policy.
Incident Response Policy
In developing the IRP for Gem Infosys Company the first step is to identify and develop an incident response team. This team will be drawn from the company’s critical areas which include administration, security, human resource, IT section and the legal representation section. The personnel chosen should be well skilled and have some levels of expertise in computer systems and operations processes. Based on their positions the members will be mandated their functions, roles and responsibilities in enforcing the incidence response policy. The incident response team should then seek backup support from the company’s management to ensure effective policy implementation. For instance this is whereby the team will require financial support from management on resources such as equipments, personnel, and occasional trainings.
Additionally the response team should come up with a detailed incidence response plan. The major responsibility of the incident response team will be to ensuring that all the systems are appropriately configred at all times, identifying and purchasing the necessary security tools for safeguarding and monitoring the systems and ensuring frequent trainings in relation to system usage. The Incident response team will be organized as follows; a team leader whose major activity is to coordinate all activities of the team, the incident lead who will be the overall in charge of coordination and communication about an occurrence of an incident and other associate members who will be in charge of handling and responding to particular incidences within their area of operation.
Once the team is in place, it should develop a response plan which major role will to prepare initial incident assessment and communicate it. The plan should also assist in the recovering of systems, assessing and estimating the incident damages and costs, containing the damage and reducing the likelihood of such an occurrence. The response team through following the response plan should compile and document all the incidences, frequently reviews the plan and update the policies.
The incident response policy should comprehensively cover a disaster recovery process which will contain defining processes, rules and disciplines that will ensure that all the business processes continue operating incase there is a failure of any information system upon which their operations depends upon (Chris, 2005). The recovery process should cover several elements in it which include; establishment of a planning group which will compose of members from all business units and they should have the necessary skills in technology, networks and systems. The process has got other elements which include performing audits and risks assessments, identifying priorities for networks and applications, developing recovery strategies, preparation of inventory and plan documentation, developing of verification criteria and procedures and finally implementation of the established plan. The disaster recovery process will also formulate the mitigation measures that will be usedd to conquer and mitigate any risks and exposures that may arise. Depending on the type of risks, the incident response policy should indicate the expected level of disaster recovery and this will be followed by setting up strategy options for various risks.
The Incident Response Policy should also contain a detailed disaster recovery plan which focuses on restoration of IT operating systems that support business processes (Kunene, 2003). The aim of the plan will be to return the all operations to normal as soon as possible after the occurrence of a disaster. Incident response policy should be linked to the business continuity plan. The business continuity plans describes the procedures that the company takes when it is unable to operate normally after a incident occurs. The plan helps in ensuring that all the systems necessary for operations of the company are available and are effectively operating. The business continuity plan should consist several plans in it which include; Continuity of Operations Plan, Occupant Emergency Plan, Disaster Recovery Plan, Incident Management Plan and Business Resumption Plan (Kunene, 2003)
Not only Gem Infosys Company that needs a incident response policy, but also other businesses and organization in order to help in dealing with unexpected security issue. The incident response policy could greatly prevent loss age of millions of revenues and also customers of a company just because of disruption of business processes such as IT systems. It is therefore important to come up with a response policy early enough which will act as the overall risk mitigation strategy and as a security policy. The research paper therefore recommends on the procedures and processes for response within Infosys Company which are the development of an effective incident response policy that comprehensively includes the development of incident response team, disaster recovery process and business continuity planning.