24/7 monitoring of all network activity is an invaluable tool for enhancing your security posture. An effective Incident Response Plan (IRP) is essential to mitigating attacks, while a Disaster Recovery Plan (DRP) provides support for unexpected environmental obstacles to information systems. For both IRP and DRP, a company must develop strategies to recover from unexpected interruptions, and exercise these plans to ensure all applicable personnel are prepped and aware of their roles. In Topic 5, a minor Business Impact Analysis (BIA) was conducted, which identified the company's critical assets. These assets will be used to aid in the development of a contingency plan to ensure business continuity in the presence of an event.
This assignment exercises the analysis and development of a Lite Contingency Plan (BIA, IRP, DRP, and Business Continuity Plan: BCP). The development of a workflow diagram is essential in displaying the relationship between the four components. This is critical for the IRP and DRP, as an IRP can launch a DRP when a threat disrupts a system through ransomware, DDoS, or other malicious attacks against a system.
Use the following guidelines to create an 8- to 12-page report using the same corporate profile selected earlier.
Business Impact Analysis
In one to two paragraphs, summarize the objective of conducting a BIA for your selected company. Describe the benefits, potential outcomes, and company enhancements.
Obtain the list of threats against the assets identified in your Topic 5 assignment, “Risk Management Assessment and Control,” and place them in a table.
Prioritize this list from highest impact to lowest impact to the company.
Add a column and describe how loss of the process, system, data, etc., will impact the company.
Assuming worst-case scenario, add a column and describe the appropriate measures to recover from the threat.
Incident Response Plan (IRP)
In three to four pages, detail an IRP to include:
Brief overview
Roles and responsibilities (from Users to CISO)
Reporting guidelines
Example workflow diagram – Event to resolution
Explain the six stages of incident handling as they relate to the company
Escalation procedures with an associated chart
Disaster Recovery Plan (DRP)
Establish a DRP Policy in one to two pages that contains the following in alignment with the company:
Purpose
Scope
Roles and responsibilities
Resource requirements
Training requirements
Exercise and testing schedules (include IRP exercise and schedules)
Plan maintenance schedules
Business Continuity Plan (BCP)
In three to four pages, close out the assignment with a complete BC Plan that includes the following:
Describe which usage strategy (Hot site, Warm site, or Cold site) the company will use and why (explain the benefit to the company).
Explain how the company will use and sustain the usage strategy.
Detail the critical systems/assets recovery procedures.
Provide processes to reestablish business operations and security operations. Include the move from disaster to the alternate site and restoration back to the original state.
Provide and describe a worst-case scenario timeline (disaster to recovery).
Describe readiness, training, exercises, and BC process reviews/updates.
Include diagrams, tables, and charts as directed by the instructor.