Incident Response Plan
Step 12: Compose Policy Components of an Incident Response Plan (IRP)
Now that you have a proposed breach management strategy, you are ready to begin development of an incident response plan (IRP) specific to a breach of PII. Compose the key policy components of an incident response plan in a list to be used as a basis for the next step.
Step 13: Itemize the Steps of an IRP
Start with the key policy component list from the last step and add the postincident requirements already identified, then itemize the actions it will take to accomplish these goals. Keep in mind the level of effort required and time involved to accomplish each element of the IRP.
You now have all the information necessary to create a comprehensive IRP. To get your mind set in the right direction, imagine that a breach affecting PII has occurred. It is the organization’s worst cyber incident. What do you do? How does the organization respond? What steps need to be taken to meet all the requirements you have identified in the Breach Management Strategy?
This step is to create a list or an outline; the use of a spreadsheet is recommended to facilitate subsequent steps in the project. The primary column is all of the actions or tasks that need to be completed in the IRP. As part of this first list, identify what department is responsible for what action by considering the functional areas of a financial institution.
You will build upon this list in the next step by adding the element of time to your spreadsheet documentation.
Step 14: Assign a Typical Timeline for an IRP
Does your Breach Management Strategy include specific timelines required by the regulatory compliance you referenced? If so, that should be your starting point for creating the IRP timeline. These are referred to as project “milestones.” Look at the list you created in the previous step and put those milestones in a required response time sequence.
When building the timeline, pay attention to elements that depend on previous elements—things that must be completed before a following action can be started. In project management, these are referred to as “critical path” items.
This section of the IRP must have all critical path items covered within regulatory milestones. It is not mandatory to assign perfect values to the actual time it takes to accomplish each action item. It is mandatory to show the milestone dates.
As an example, one reporting requirement for a financial institution suffering a PII breach is likely to be to notify all affected customers within 72 hours of the breach. That means you will have a customer notification milestone at three days in the IRP.
After you have added the milestone dates to your spreadsheet documentation, you will plan for implementation of the incident response plan in the next step.
Step 15: Plan for the IRP Implementation
This is the step where you tie together the requirements (milestones), the timeline (critical path), and which department will be responsible for what elements in the plan (accountability). Ensure all of the rows and columns in the spreadsheet are in alignment to accomplish the goal of minimizing the impact of the PII breach. It is the final step in creating the IRP. This spreadsheet will be included in your final IRP.
Now, it is time for the final step, in which you will explain the results of all your hard work on the IRP to senior leadership.
Step 16: Complete the Incident Response Policy Plan (IRP)
The resulting IRP should be a total of 10 to 12 pages that present an actionable plan to fully address a breach of the organization’s PII. It should include a final paragraph on your thoughts about how the recommendations are likely to be received.
This final step is to bring all the work together. Use what has been created in the previous steps as detail to support your completed plan on incident response. Synthesize the material and include all CIO (instructor) feedback received.
Include in your comprehensive IRP the review and findings from a policy approach to maintain or exceed compliance with all regulatory demands. In addition, demonstrate your adherence to the best possible outcome for victims of a PII breach.
Remember, confidence in and approval of the approach is mandatory. It has already been determined that a breach of the organization’s PII is a serious matter. The CEO and the rest of the executives are depending on your expertise to address the situation quickly and effectively. This IRP is that plan of action.
Submit the complete report to the CIO for approval and delivery to the senior leadership team.