Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

1. Why is it a good idea to include human resources on the incident response man

ID: 670870 • Letter: 1

Question

1. Why is it a good idea to include human resources on the incident response management team?

2. How do an incident response plan and incident response team help reduce risks to the organization?

3. Why is a post-mortem review of an incident the most important step in the incident response methodology?

4. Why is a policy definition required for a computer security incident response team?

5. Why is it critical to align the RTO and RPO standards within the policy definition itself?

6. How do risk management and risk assessment relate to a business impact analysis for an IT infrastructure?

7. Why should organizations update their BCP, BIA, RTOs, and RPOs?

Explanation / Answer

It a good idea to include human resources on the incident response management team because Incidents that involve employees of company are better handled by HR. Incident Response Team is carefully selected team of highly specialized people who investigate the incident correctly for quick recovery. Team has people from upper management level, IT, security, HR etc who can work on the plan from all dimensions and can reduce risks to the organization. Because post mortem review reveals all the hidden realities of the incident like who did it, when and how. After considering these points, decisions can be taken. Policy is required so that the team can work according to that policy in a well organised way so as to solve it successfully. Terms and conditions of policy give a framework to the team to work in coordination. Recovery Time Objective (RTO)and Recovery Point Objective(RPO) cannot be predecided. It depends upon the incident severity that how much time the system can work without that particular service and how much data is lost during the incident. It varies every time. So it is critical to align them in the policy definition. With an IT infrastructure we can perform risk management and risk assessment with softwares. It all depends upon the better security, training of employees and upgradation of the technology that reduces risk for the company. Also an efficient IT security can do accurate assessment of the possible risks. Business continuity planning(BCP), Business Impact Analysis(BIA), RTO and RPO should be updated to make the company efficient with changing time, to include newer methodologies in the work. RTO and RPO updation results in better recovery with recent and short backups. BCP updation will enable the smooth working of organization even during the incident. BIA updation can better analyse the impact of an incident on the business.

Related Questions

1. Why do you suppose the eastern and Western North American dinosaurs are diffe
Question #295144
1. Why do you think Facebook has become increasingly popular? 2. Is regular Face
Question #3510198
1. Why do you think Fannie Mae waited more than six months after Freddie mac fil
Question #2659056
1. Why do you think so many people unknowingly follow The Christian faith, while
Question #3469643
1. Why do you think that cells duplicate their chromosomes before dividing inste
Question #21544
1. Why do you think that making data available to the public is important. List
Question #157738
1. Why do you think that making data available to the public is important. List
Question #157741
1. Why do you think that the Indian retail sector is so fragmented? 2. What are
Question #444222

Navigate

Previous
1. Why is it a disadvantage to use a large amount of sample on the hot stage? 2.
Next
1. Why is it a necessity to ensure successful design and construction coordinati

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.