After a very successful week of development for evaluating the technical, management, and operational security controls, the internal federal C&A team will need to address how the organization will implement the FISMA C&A Package SP800-52 Controls for incident response (IR) and contingency planning (CP).
In a report of 3-5 pages, provide an explanation of the CP and IR processes. The report should contain the following:
• Title page
• Introduction to the paper
• Explanation of the information technology (IT) contingency planning process to include an understanding of the required business impact analysis
• Identification of preventative controls and the development of recovery strategies
• Information needed for the CP development, examples of which include the following:
o Notification/activation phase: Notification procedures, damage assessment, and plan activation
o Recovery phase: Sequence of recovery activities and procedures
o Reconstitution phase
• Identification of the technical requirements to be implemented by a CP coordinator, examples of which include the following:
o Backup of offsite storage of data and applications
o Critical system redundancy
o Documentation of system configurations
o System interoperability and configured power management systems
• Conclusion slide summarizing the CP and IR processes
• Reference page in APA format.