Week_2 - Click to edit Master subtitle style ECA256 ECA256...

Info iconThis preview shows pages 1–9. Sign up to view the full content.

View Full Document Right Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: Click to edit Master subtitle style ECA256 ECA256 Gabriela Rosu Planning for Organizational Readiness ECA256 Objectives n Identify an individual or group to create a contingency policy and plan n Understand the elements needed to begin the contingency planning process n Create an effective contingency planning policy n Become familiar with the business impact analysis and each of the component parts of this important process n Know the steps needed to create and maintain a budget for enabling the contingency planning process ECA256 22 ECA256 Introduction n Planning for contingencies is complex and demanding n Developing a contingency plan: n Organize the planning process n Prepare the detailed plans n Commit to maintaining plans at a high state of readiness n Rehearse the use of the plans n Maintain the processes necessary to keep a high state of readiness ECA256 33 ECA256 Beginning the Contingency Planning Process n Contingency planning management team (CPMT) is responsible for: n Obtaining senior management commitment and support n Writing the contingency plan document n Conducting the business impact analysis (BIA): n Identifying and prioritizing threats and attacks n Identifying and prioritizing business functions n Organizing the subordinate teams (incident response, disaster recovery, business continuity, crisis management) ECA256 44 ECA256 Beginning the Contingency Planning Process (continued) n Typical CPMT roster may include: n Champion: high-level manager with influence and resources; provides strategic vision n Project manager: leads project n Team members: managers or representatives from business, information technology, and information security n Representatives from other business units (HR, PR, finance, legal, physical plant, etc.) n Representatives from subordinate teams (IR, DR, and BC teams) ECA256 55 ECA256 Beginning the Contingency Planning ECA256 66 ECA256 ECA256 77 Commitment and Support of Senior Management Contingency planning process will fail without clear and formal commitment of senior management Emphasis from senior management encourages subordinates to invest in the process Support must also be gained from communities of interest Community of interest : Group of individuals united by shared interests or values within the organization ECA256 Commitment and Support of Senior n Three communities of interest with roles and responsibilities in information security: n Managers and practitioners in information security n Managers and practitioners in information technology n Managers and professionals from general management n Information security management and professionals: n Focus on integrity and confidentiality of systems n May lose sight of the objective of availability ECA256 88 ECA256...
View Full Document

Page1 / 44

Week_2 - Click to edit Master subtitle style ECA256 ECA256...

This preview shows document pages 1 - 9. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online