Incident Response Team Overview

Introduction

  • The Incident Response Team (IRT) is a crucial division of an organization. The team is responsible for identifying and handling incidents systematically: investigating them precisely, lessening their impact, and reporting them to the concerned individuals in the organization.
  • Large and well-established organizations should take it upon themselves to formally establish Incident Response Teams.
  • Small organizations should have an informal IRT (Kruse and Heiser, 2007).

Roles of IRT

  • The board of directors should be available for all the emergency meetings.
  • The incident commander holds overall responsibility.
  • The administrator oversees the investigation and notifies the insurance company and other administrators.
  • The security information officer examines the extent of the incident.
  • The information security officer prepares the summary of the incident and actions taken to correct the incident.
  • The information privacy officer checks on the personal information that may have been breached.
  • The network architect analyzes the network traffic.
  • The operating system architect examines all the system logs.
  • An auditor checks the systems to ensure that they comply with the security policies.
  • Human resource personnel provide the list of persons and the emergency contact information for.

Incident Response Processes

  • Prepare the organization and the IRT before an incident occurs.
  • Identify the incident, initiate the investigation, and record the details.
  • The response strategy is formed and the approval is obtained from the management.
  • The facts collected are reviewed.
  • The outcome of the investigation is then reported to the management/decision makers.
  • Security procedures are then implemented to provide a long-term solution.

Response Policies

  • Statement of commitment of the management.
  • Objectives and purpose of the policy.
  • The extent of the policy.
  • Definition of incidents and their effect within the context of the organization.
  • Prioritization of incidents.
  • Reporting and contact forms.

Conclusion

  • Staff should be given continual training in incident response (Lucas and Moeller, 2004).
  • Documents and evidence are the key items that should be protected in the event of an incident (Fadia, 2007).

References

Fadia, A. (2007). Network intrusion alert: an ethical hacking guide to intrusion detection. New York: Thomson Course Technology.

Kruse, W. G. and Heiser, J. G. (2002). Computer forensics: incident response essentials. New York: Addison-Wesley.

Lucas, J. and Moeller, B. (2004). The effective incident response team. New York: Addison-Wesley.
