Developing Contingency Strategies for Information System
24/7 network activity monitoring is an invaluable tool for enhancing your security posture. An effective Incident Response Plan (IRP) is essential to mitigating attacks, while a Disaster Recovery Plan (DRP) supports recovery from unexpected environmental obstacles to information systems.
For IRP and DRP, a company must develop strategies to recover from unexpected interruptions and exercise these plans to ensure all appropriate personnel are prepped and aware of their roles. In Topic 5, a Risk Management Plan (RMP) was developed, which can be used as a foundation for a Business Impact Analysis (BIA). Research the development of a BIA based on the RMP and prepare to identify the company’s critical assets. These assets will be used to aid in the development of a contingency plan to ensure business continuity in the presence of an event.
This assignment exercises the analysis and development of a Lite Contingency Plan (BIA, IRP, DRP, and Business Continuity Plan [BCP]). The first step in developing the plans is to create a workflow diagram. This is essential in displaying the relationship among the four components, which is critical for the IRP and DRP, as an IRP can launch a DRP when a threat disrupts a system through ransomware, DDoS, or other malicious attacks against a system.
Use the following guidelines to write a 1,250-1,500-word report using the same corporate profile selected earlier and include the following:
Business Impact Analysis (BIA)
- In one to two paragraphs, summarize the objective of conducting a BIA for your selected company. Describe the benefits, potential outcomes, and company enhancements.
- Obtain the list of threats against the assets identified in your Topic 5 assignment, “Risk Management Assessment and Control,” and place them in a table. Prioritize this list from highest to lowest impact on the company.
- Add a column and describe how the loss of the process, system, data, etc., will impact the company.
- Assuming the worst-case scenario, add a column and describe the appropriate measures to recover from the threat.
Incident Response Plan (IRP)
Detail an IRP to include:
- Brief overview.
- Roles and responsibilities of the security organization (from users to CISO).
- Reporting guidelines.
- Activities to mitigate possible or real-time threats (e.g., system monitoring and incident response).
- Example workflow diagram – event to resolution.
- Explanation of the six stages of incident handling related to the company.
- Escalation procedures with an associated chart.
- A sample Incident Response Plan (IRP) to mitigate possible or real-time threats with escalation matrices and contact grids.
- Description of incident response strategies incorporating real-time monitoring tools and regulatory requirements.
Disaster Recovery Plan (DRP)
Develop a DRP that contains the following in alignment with the company:
- Purpose
- Scope
- Roles and responsibilities
- Resource requirements
- Training requirements
- Explanation of an exercise to test the DRP in a predetermined scenario
- Maintenance schedules
Business Continuity Plan (BCP)
Address the following in the BCP:
- Describe which usage strategy (hot site, warm site, or cold site) the company will use and why the strategy is a benefit to the company.
- Explain how the company will use and sustain the usage strategy.
- Detail the critical systems/assets recovery procedures.
- Provide processes to reestablish business operations and security operations. Include the transition from disaster to the alternate site and restoration back to the original state.
- Provide and describe a worst-case scenario timeline (disaster to recovery).
- Describe readiness, training, exercises, and BCP process reviews/updates.
Include diagrams, tables, and charts as directed by the instructor.
While APA style is not required for the body of this assignment, solid academic writing is expected, and documentation of sources should be presented using APA formatting guidelines, which can be found in the APA Style Guide, located in the Student Success Center.
This assignment uses a rubric. Review the rubric prior to beginning the assignment to become familiar with the expectations for successful completion.
You are required to submit this assignment to LopesWrite. A link to the LopesWrite technical support articles is located in Class Resources if you need assistance.
Benchmark Information
This benchmark assignment assesses the following programmatic competencies:
BS Cybersecurity
6.2: Conduct an exercise to test the disaster recovery plan in a predetermined scenario.
7.2: Perform activities to mitigate possible or real-time threats (e.g., system monitoring and incident response).