Assignment Directions: Design an Incident-Response Plan
Purpose
In this activity, you will write a paper that provides a detailed incident-response plan (IRP) for a breach. As a governance professional, you must design an IRP that aligns with your organization's requirements and industry best practices. This means you have policies and procedures that adhere to regulatory requirements and industry standards. It also means that the IRP contains technical and policy knowledge about the relevant laws, regulations, and contractual obligations such as data breach notification laws and industry-specific regulations.
Demonstrating effective governance means establishing multidisciplinary teams with cross-functional capabilities. This type of work structure requires senior management, IT teams, legal counsel, and compliance officers to work together to help you communicate with stakeholders about the cybersecurity breach and explain how the company manages it. Once the breach is found, it must be immediately contained, so rapid, effective communication is paramount.
Directions
Write a 10- to 12-page IRP. It must be well-structured and easy to understand. It should require regular review, updates, and testing. It also should ensure that employees understand how to recognize and report cybersecurity incidents promptly and accurately. If you discuss technology, it is fine to list options such as automated detection and response technology, or enhanced detection and response, for example. It is more important for the executive team and as a governance practice, however, that you also explain the complexities of integrating ever-changing technology into a system or network. Your analysis should demonstrate how you plan to continually upgrade your practices and document them to show compliance.
You may create your IRP any way you choose, as long as all elements of the prompt are covered. The following is a recommended way to do it:
Research: Before conducting research, read the prompts below. Review the Unit 2 Learning Resources. In Unit 1 Learning Resources, "The Ultimate Guide to Cybersecurity Planning for Businesses" is a good article on what businesses look at in considering a cybersecurity plan. Revisit the key federal documents or laws that govern responding to a data breach in your industry. You will not need to cite these laws, but you must explain which one governs your industry sector and what you must do to show compliance with the specific law. That explanation can be as simple as "United Health Care is in compliance with HIPAA data requirements, and our IRP team will review the checklist to make sure that we are managing personal health data and personal financial data under HIPAA regulations."
Outline: During and after the research phase, outline your IRP.
Writing: Once you understand the topic, write out a plan for your industry. For many businesses, it is a new function to have a detailed strategy, a risk management approach, an IRP, and the incorporation of that into their governance structure in an extremely specific and tactical way. For that and other reasons, providing solid analysis to support your recommendations is critical for corporate and employee buy-in, so that the organization follows the requirements and so that you get a budget supported by other company divisions for your work.
Make sure that your IRP addresses each of the following prompts:
Policies for data access, legal and regulatory requirements, and/or other industry standards:
State and explain the organizational policies and procedures for data and information access.
List and explain several legal and regulatory requirements that apply to your chosen industry.
Provide additional information on a governing body and/or other industry standards that apply.
Provide a detailed timeline of the various departments in the organization with their corresponding roles and responsibilities to respond to an incident, including specific hours/weeks and other time-sensitive information needed for the response to be effective.
Map the business to key NIST or other industry best practices to demonstrate compliance:
List company policies such as access control, recovery procedures, and restoration procedures, and analyze how to map them to NIST or another IR protocol.
Discuss improvements (e.g., continuous training, updated internal controls, buying software or hardware, and contracting with third-party vendors for additional monitoring), and analyze how they would help.
List all the reporting that is required by either federal or state requirements after a breach, and analyze how other business departments (e.g., legal, HR, and finance) should be involved in the response.
Evidence of skills: Demonstrate your knowledge of incident management protocols, security awareness programs, and recovery planning.
Write the paper with an organized, logical flow of information. Cite authoritative sources sufficient to show that your analysis is based on the documents provided and other documents you find through your research. Please use a consistent citation style.