NIST Assignment: Continuing the Business with Information Security and Risk Management
As a member of the security professional team, your organization is depending on you to help develop and maintain a contingency planning program for the information systems to support business continuity in case of an adverse event.
Input from security professionals should be considered each of the seven progressive stages of the information system development life cycle.
1. Develop the contingency planning policy statement. A formal policy provides the authority and guidance necessary to develop an effective contingency plan.
2. Conduct the business impact analysis (BIA). The BIA helps identify and prioritize information systems and components critical to supporting the organization's mission/business processes. A template for developing the BIA is provided to assist the user.
3 . Identify preventive controls. Measures taken to reduce the effects of system disruptions can increase system availability and reduce contingency life cycle costs.
4. Create contingency strategies. Thorough recovery strategies ensure that the system may be recovered quickly and effectively following a disruption.
5. Develop an information system contingency plan. The contingency plan should contain detailed guidance and procedures for restoring a damaged system unique to the system's security impact level and recovery requirements.
6. Ensure plan testing, training, and exercises. Testing validates recovery capabilities, whereas training prepares recovery personnel for plan activation and exercising the plan identifies planning gaps; combined, the activities improve plan effectiveness and overall organization preparedness.
7. Ensure plan maintenance. The plan should be a living document that is updated regularly to remain current with system enhancements and organizational changes
Prepare
Review the Discussion Requirements above.
Research
Review the most recent (the last 10 days) news impacting the selected industry (identified by your team). Identify one significant challenge
for your team as you address one or more stage from above.
Tasks
1. Start your initial post with the name of your group
2. Identify the role you are now playing in your group
3. Base on your research, explain why (or why not) your findings will be a challenge to your team as you address one or more stages of the information system development life cycle identified above.
4. You must provide examples of why you think this is a challenge or a benefit to the organization.
5. Give your classmates a direct link to the article you read to support your stance
Remember your initial post should be purposeful and aim to accomplish one or more of the following goal:
1. Reflection of the topic
2. Analysis
3. Elaboration
4. Application
5. Synthesis
6. Evaluation
All responses should be substantive posts consist of the following three parts (ABC):
1. acknowledge
2. build
3. continue.
Format your assignment according to the following formatting requirements:
1. The answer should be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides.
2. The response also includes a cover page containing the title of the assignment, the student's name, the course title, and the date. The cover page is not included in the required page length.
3. Also include a reference page. The Citations and references should follow APA format. The reference page is not included in the required page length.