up

2020-01-30

• we don’t need every possible problem
  • problems are grouped by impact / affected system
  • we will create ‘runbooks’ for situations
  • There will be a generic runbook for un-forseen situations

Class Activity - IS Incident Analysis

• Create a sheet called IR Risk in the risk analysis doc
• Create a table
  • IS Incident Description
  • Likelihood
  • Impact
  • Mitigation cost
  • Risk score (Likelihood*impact)
• brainstorm a list of security incidents
  • Specific to our company
• Complete likelihood, impact, mitigation cost for each

Create IS Incident Response Plan

• Create doc with headings
  • Identification
  • Containment
  • Eradication
  • Recovery
  • Lessons Learned

Make edits to the Business Impact Assessment

• Description
• Data Collection
• System Resources