ISACA CISM – Domain 04 – Information Security Incident Management Part 13
77. Other Recovery Operations Now, some of the other operations we look at in the recovery, of course, is documentation. Now, documentation is important because, number one, we can learn from previous events. It’s a great way of being able to review the entire process. Not only does it let us learn, but it lets… Read More »
ISACA CISM – Domain 04 – Information Security Incident Management Part 12
69. Analyzing Test Results Part1 Now, as the Information Security Manager, you need to be certain that your technology and architecture are a part of the recovery plan that’s going to be tested. It’s important because in today’s world, the It infrastructure is a large part of most of the organizations. You might not have… Read More »
ISACA CISM – Domain 04 – Information Security Incident Management Part 11
62. Incident Management Response Teams Now, when we look at the Incident Management Response Teams, there are responsibilities we have to assign. They are categorized. We have the emergency action team. These are the people that are going to pretty much be responsible for making sure everything is getting done. The evacuations kind of like… Read More »
ISACA CISM – Domain 04 – Information Security Incident Management Part 10
57. Goals of Recovery Operations Part1 Now, goals of recovery? Well, goals of recovery is to get us back to where we were when the incident occurred. I think that’s the easy statement. Your recovery strategies, though, will depend on the size and complexity of the organization. So it’s one thing to say the goal… Read More »
ISACA CISM – Domain 04 – Information Security Incident Management Part 9
50. Escalation Process for Effective IM So let’s take a look at the escalation process for effective, not incident messaging. Remember, we’re talking about incident managing. So what we basically when we think of escalation, that means things are going from incident to worse and we need to kind of look at that. And that… Read More »
ISACA CISM – Domain 04 – Information Security Incident Management Part 8
45. Lesson 8: Developing an Incident Response Plan Now, in this lesson, we’re going to talk about developing an Incident Response plan. So what we’ll do is we’ll talk about the elements of the IRP or incident Response plan, which will also include a discussion about gap analysis, the business impact analysis, an escalation process,… Read More »
ISACA CISM – Domain 04 – Information Security Incident Management Part 7
39. Management Metrics and Monitoring Part1 Managing also means we have to have measurements that we can respond to and make decisions about, right? I said it before, you can’t manage what you can’t measure. And so part of managing, again, is the metrics and monitoring. And now, I know we’ve talked about this many… Read More »
ISACA CISM – Domain 04 – Information Security Incident Management Part 6
31. Audits Now, don’t be afraid of audits. Audits are an important aspect of what we should be doing. And by the way, I look at audits as being proactive. Now, again, we can do internal audits where we have our inhouse experts, people that work for the organization that try to go past the… Read More »
ISACA CISM – Domain 04 – Information Security Incident Management Part 5
27. Personnel All right, let’s take a look at the personnel for our incident management team. So I’ll call that the IMT. As you can see it down here. So here’s the thing. This shouldn’t be a temporary position. If we’re going to have a management team, those members, as I said, should be permanent… Read More »
ISACA CISM – Domain 04 – Information Security Incident Management Part 4
20. Responsibilities Part1 When we talk about responsibilities, there’s usually, I guess you could say, a number of incident management responsibilities that we have to undertake and one of those and again the security manager might be tasked with having to get this set up. But one of them starts off with just saying that… Read More »
