Order Description
COM 590
Assignment 6
Answer all Eight (8) questions.
Submission Requirements
All sentences must be grammatically correct, and free from spelling errors.
Your answer should not exceed 250 words.
Submit a Single Microsoft Word Document.
Font: Times New Roman, Size 12, Double-Space.
Cite all references used in APA format.
Why is it a good idea to include human resources on the incident response management team?
How do an incident response plan and incident response team help reduce risks to the organization?
Why is a post-mortem review of an incident the most important step in the incident response methodology?
Why is a policy definition required for a computer security incident response team?
Why is it critical to align the RTO and RPO standards within the policy definition itself?
How do risk management and risk assessment relate to a business impact analysis for an IT infrastructure?
Why should organizations update their BCP, BIA, RTOs, and RPOs?
Create an organization-wide policy defining and authorizing a security or computer incident response team to have full access to and authority over all IT systems, applications, data, and physical IT assets when a security or other incident occurs. Create this for the Sunshine Credit Union, which has the following characteristics:
The organization is a regional XYZ Credit Union that has multiple branches and locations throughout the region;
Online banking and use of the Internet are the bank?s strengths, given its limited human resources;
The customer service department is the organization?s most critical business function;
The organization wants to be in compliance with the Gramm-Leach-Bliley Act (GLBA) and IT security best practices regarding its employees;
The organization wants to monitor and control use of the Internet by implementing content filtering;
The organization wants to eliminate personal use of organization-owned IT assets and systems;
The organization wants to monitor and control use of the e-mail system by implementing e-mail security controls;
The organization wants to implement this policy for all the IT assets it owns and to incorporate this policy review into its annual security awareness training;
The organization wants to create a security or computer incident response team to deal with security breaches and other incidents if attacked providing full authority for the team to perform whatever activities are needed to maintain chain of custody in performing forensics and evidence collection;
The organization wants to implement this policy throughout the organization to provide full authority during crisis to the CIRT team members over all physical facilities, IT assets, IT systems, applications, and data owned by the organization.
Using the following template, in your text document, create a computer incident response policy granting team members full access and authority to perform forensics and to maintain a chain of custody for physical evidence containment. Create this policy for the Sunshine Credit Union organization (this should not be longer than two pages):
Sunshine Credit Union
Computer Incident Response Team?Access & Authorization Policy
Policy Statement
{Insert policy verbiage here.}
Purpose/Objectives
{Insert the policy?s purpose as well as its objectives; use a bulleted list of the policy definition. Define the security incident response team members and the authorization and authority granted to them during a crisis or securing incident situation.}
Scope
{Define this policy?s scope and whom it covers. Which of the seven domains of a typical IT infrastructure are impacted? What elements, IT assets, or organization-owned assets are within the scope of this policy? What access and authority are granted to the incident response team members that may be outside of standard protocol?}
Standards
{Does this policy point to any hardware, software, or configuration standards? If so, list them here and explain the relationship of this policy to these standards.}
Procedures
{Explain how you intend to implement this policy across the organization. Also, define and incorporate the six-step incident response approach here along with how the chain of custody must be maintained throughout any evidence collection process.}
Guidelines
{Explain any roadblocks or implementation issues that you must address in this section and how you will overcome them per defined policy guidelines.}
