Incidence Response Policy

Incidence Response Policy
Gemini Info Systems (GIS), a small software company, has decided to better secure its computer systems after a flood in the area just missed their offices. If the flood would have hit GIS, all of their computer assets would have been destroyed forcing them to go out of business. The organization has on-site a hardware firewall, ten file servers, two web servers, one network-attached storage system with 60 TB of storage, one Windows 2012 Active Directory server for user access and authentication, 45 high-quality PCs, and a broadband connection to the Internet.

The management at GIS needs you to formulate an Incident-Response Policy. Its purpose is to eliminate (or greatly reduce) down time if future incidents occur. The Incident-Response Policy must stipulate the need to update or create the following:

Business-Continuity Plan (BCP) – list some of the elements a BCP includes,
Disaster-Recovery Plan (DRP) – list some sources to use as a template,
Incident-Response Team (IRT) – list the titles of its members, and
selection of an alternative site as part of the BCP – describe the merits of a hot, warm, and cold site.
Remember, policies are high level and NOT overly detailed. Don’t go down the rabbit hole of creating any of these plans. Your job is to create the policy statement that authorizes the creation of these plans and the IRT.

Incident-Response Policy
Incident-response policies are organized approaches that are formulated by companies after they identify or experience a threat. Some of the strategies include upgrading or creating plans that respond to incidents, help in recovery and continuity of organizational functionality.
Business Continuity Plan (BCP)
A BCP focuses on elements such as governance, impact analysis, steps to execute the BCP, and readiness of the organization to implement the BCP. Selections of alternative sites are also considered with choices ranging from hot, warm, and cold sites (Segue, 2013). Gemini Info Systems will adopt:
• Hot sites – backup centers that run concurrently with the main database.
• Cold sites – office spaces that can be used by an organization in case their headquarters are compromised.
• Warm sites – alternative office spaces with preinstalled servers ready for installation of company hardware.
Disaster Recovery Plan (DRP)
A DRP is a documented and structured approach that will direct GIS in the event of an incident. Such an approach will enable GIS to resolve data loss and recover functionality hence resuming back to work quickly. The following template may be used:
https://www.microfocus.com/media/unspecified/disaster_recovery_planning_template_revised.pdf
https://www.disasterrecoveryplantemplate.org/wp-content/uploads/DisasterRecoveryPlanTemplate.org-Disaster-Recovery-Plan-Sample.pdf
Incident-Response Team (IRT).
There is need for a team to manage the situation and it shall include:
• A public relations expert – to handle all media related scenarios
• A legal expert – will defend the organization against liabilities since they have the capability to inform decision-makers before and during incidents (Henri, 2018).
• A computer security incident response team (CSIRT) – a group of individuals responsible for the detection, retention, and elimination of cyber threats.
Through the implementation of these strategies, GIS may rest assured that future incidents will be handled swiftly to regain full control of operations.

References
Henri, V. (2018). Key Roles and Responsibilities for your Incident Response Team. Retrieved from https://www.hitachi-systems-security.com/blog/roles-responsibilities-incident-response-team/#:~:text=NIST’s%20publication%20800%2D64%20proposes,and%20escalading%20procedures%20when%20necessary.
Sugue. (2013). The Three Stages of Disaster Recovery Sites. Retrieved from https://www.seguetech.com/three-stages-disaster-recovery-sites/

In need of this or similar assignment solution?
Trust us and get the best grades!
The Benefits You Get With Our Service
What would I want while being a student? This is the way we think to provide quality services. That is why, with our team you get:
Team of high-qualified writers
We believe that only a professional writer can provide perfect homework services. That is why we give them tests to check English level, writing skills and discipline knowledge.
Uniqueness guarantee
The one of the obligatory things for homework is to make it unique. We understand that it is easy to check plagiarism, so every author writes papers from scratch.
Personalized papers
We follow all the customer’s requirements. The more information you give, the more personalized papers will be. No one will find out that you haven’t worked on the homework yourselves.
Free revisions and corrections period guaranteed
We make sure that each work we deliver is perfect, but we always spare our customers the chance to make amendments. All the clients can request free revision and corrections within 10 days after the final version of paper is delivered.
/4