Fundamentals of Information Systems Security

Chapter 8

Risk, Response, and Recovery

Learning Objective

  • Describe the principles of risk management, common response techniques, and issues related to recovery of IT systems.
Key Concepts
  • Quantitative and qualitative risk assessment approaches
  • Business impact analysis (BIA)
  • Business continuity plan (BCP)
  • Disaster recovery plan (DRP)
  • Elements of an incident response plan
BCP
  • A plan designed to help an organization continue to operate during and after a disruption
  • Covers all functions of a business: IT systems, facilities, and personnel
  • Generally includes only mission-critical systems
BCP Elements
  • Purpose and scope
  • Assumptions and planning principles
  • System description and architecture
  • Responsibilities
BCP Elements (Continued)
  • Notification or activation phase
  • Recovery and reconstitution phases
  • Plan training, testing, and exercises
  • Plan maintenance
DRP
  • Includes the specific steps and procedures to recover from a disaster
  • Is part of a BCP
  • Important terms:
    • Critical business function (CBF)
    • Maximum acceptable outage (MAO)
    • Recovery time objectives (RTO)
DRP Elements
  • Purpose and scope
  • Disaster or emergency declaration
  • Communications
  • Emergency response and activities
DRP Elements (Continued)
  • Recovery steps and procedures
  • Critical business operations
  • Recovery operations
  • Critical operations, customer service, and operations recovery
BIA
  • A study that identifies the CBFs and MAOs of a DRP
    • Studies include interviews, surveys, meetings, and so on.
  • Identifies the impact to the business if one or more IT functions fail
  • Identifies the priority of different critical systems
BIA Elements

Scope

  • It is affected by the size of the organization.
  • For a small organization, the scope could include the entire organization.
  • For larger organizations, the scope may include only certain areas.

Objectives

Computer Incident Response Team (CIRT) Plan
  • Outlines steps taken during a response effort and the roles and responsibilities of the team
  • Includes the five Ws + H:
    • Who launched the attack?
    • What type of attack occurred?
    • Where did the attack occur?
    • When did the attack occur?
    • Why did the attack occur?
    • How did the attack occur?
Risk Assessment
  • A process used to identify and evaluate risks
  • Risks are quantified based on importance or impact severity
  • Risks are prioritized
Quantitative Risk Assessment
  • Single loss expectancy (SLE)
    • Total loss expected from a single incident
  • Annual rate of occurrence (ARO)
    • Number of times an incident is expected to occur in a year
  • Annual loss expectancy (ALE)
    • Expected loss for a year

SLE × ARO = ALE

Qualitative Risk Assessment
  • Probability
    • Likelihood a threat will exploit a vulnerability
  • Impact
    • Negative result if a risk occurs

Risk level = Probability × Impact
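As an added worked example (not part of the slides), the two formulas above applied to a small constructed risk register: each risk's ALE is computed and used to prioritize the register, each risk also gets a Probability × Impact level, and a control is evaluated by comparing the ALE it removes against its annual cost. The asset names, dollar figures, ratings, band thresholds and the control figures are all assumed sample values.

```python
# Added example (not from the slides): a constructed risk register worked through with
# SLE x ARO = ALE and Risk level = Probability x Impact. All values are sample data.
from dataclasses import dataclass

@dataclass
class Risk:
    name: str
    sle: float          # single loss expectancy: dollars lost in one incident
    aro: float          # annual rate of occurrence: incidents expected per year
    probability: int    # qualitative likelihood, 1 (rare) .. 5 (almost certain)
    impact: int         # qualitative impact, 1 (negligible) .. 5 (severe)

def ale(risk: Risk) -> float:
    """Annual loss expectancy: SLE x ARO."""
    return risk.sle * risk.aro

def risk_level(risk: Risk) -> int:
    """Qualitative risk level: Probability x Impact, giving a 1..25 score."""
    return risk.probability * risk.impact

def rating(level: int) -> str:
    """Map the 1..25 score to a band (the thresholds are an assumed convention)."""
    if level >= 15:
        return "high"
    if level >= 8:
        return "medium"
    return "low"

def prioritize(register):
    """The slide's 'risks are prioritized' step: order by ALE, highest first."""
    return sorted(register, key=ale, reverse=True)

def control_value(risk: Risk, new_aro: float, annual_cost: float) -> float:
    """Assumed extension of 'helps you evaluate controls': ALE before minus ALE after
    the control lowers the ARO, minus the control's annual cost (negative = not worth it)."""
    reduced = Risk(risk.name, risk.sle, new_aro, risk.probability, risk.impact)
    return ale(risk) - ale(reduced) - annual_cost

REGISTER = [  # constructed sample data
    Risk("Ransomware on file server", sle=250_000, aro=0.2, probability=3, impact=5),
    Risk("Laptop theft", sle=5_000, aro=4.0, probability=5, impact=2),
    Risk("Data center flood", sle=2_000_000, aro=0.01, probability=1, impact=5),
]

if __name__ == "__main__":
    for r in prioritize(REGISTER):
        print(f"{r.name:28} ALE=${ale(r):>10,.0f}  level={risk_level(r):2} ({rating(risk_level(r))})")
    # Assumed control: offline backups cut the ransomware ARO from 0.2 to 0.05 for $20,000/year
    print("Control net benefit: $", control_value(REGISTER[0], new_aro=0.05, annual_cost=20_000))
```

Note that ALE ranks the ransomware risk first while the flood, with a far larger SLE, ties with laptop theft on annual loss; the qualitative level shows the same ordering from the impact side.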

Importance of Risk Assessments
  • Is part of the overall risk management process
  • Helps you evaluate controls
  • Supports decision making
  • Can help organizations remain in compliance
Summary
  • You can protect data and business functions with a BCP, DRP, BIA, and incident response plan.
  • Risk assessments include quantitative and qualitative approaches.