In 300 words
The ELT continues to be impressed by your good work and now has the confidence that a well-designed security program is in place to support the goals of IT governance. You have been invited back to the next board meeting for a round table discussion around the topic of incident response. The ELT recognized that all security risks and natural disasters cannot be prevented and would like to hear your thoughts on establishing an incident management plan.
Your assignment is to discuss your ideas for establishing an incident management and response plan within your overall IT governance framework.
Your discussion should include the following:
- How will you define an incident? What will define an actual incident that will trigger your incident response plan?
- How will you determine the level of severity of the incident to guide the urgency of your response?
- What is an acceptable “time to recover/restore” metric?
- In other words, how quickly do you feel the company needs to recover from the incident and how will it make trade-off decisions between the cost of new infrastructure to provide for near immediate recovery to allowing a tolerance for time to recover that is more cost-effective.
- Please reference your work