Information Security and Risk Management
NOTE: BEFORE TURNING THIS IN, REMOVE THE HIGHLIGHTED TEXT.
Task 1. Complete the BIA table below and use it for the remainder of the assignment.You may want to review your Lab #07 assignment where you developed a BIA table.
Information needed to create the Business Functions and Processes below are in the "Project Management Plan" scenario and the "Project Health Network Visual". Hint: look at the processes that go from the customers and into the systems/applications in the "Project Health Network Visual".
Task 1: Business Impact Analysis - extracts from the Boiler Plate
1. Overview
This Business Impact Analysis (BIA) is developed as part of the contingency planning process for the HNetExchange Message system, HNetConnect Directory system and HNetPay Payment system. It was prepared for Health Network, Inc (Health Network).
2. System Description
Indicate the operating environment (i.e. Data Center, etc), physical location, general location of users, and partnerships with external organizations/systems. Include information regarding any other technical considerations that are important for recovery purposes, such as backup procedures or the lack of backup procedures.>
3.1.1 Identify Outage Impacts and Estimated Downtime
Estimated Downtime
The table below identifies the MTD, RTO, and RPO for the organizational business processes that rely on theHNetExchange Message system, HNetConnect Directory system and HNetPay Payment system.
Task 2: Business Continuity Plan - extracts from the Boiler Plate
Task 3: Disaster Recovery Plan - extracts from the Boiler Plate
Task 4: Computer Incident Response Team Plan - extracts from the Boiler Plate
• Loss of company information on lost company-owned laptop
COMPLETE ALL HIGHLIGHTED AREAS BELOW.>
• Identify the nature of the incident
o What Business Process was impacted
o What threat was identified
o What weakness was identified
o What risk was identified
o What was the Risk Factor/Impact of the incident
o What was the RTO, MTD and RPO assigned to the business process
o What hardware, software, database and other resource were impacted
• What needs to be done to limit the scope of the incident
• What needs to be done to mitigate the risk of the incident
• What needs to be done to recover the IT systems
o What procedures need to be used and are they covered in the Disaster Recovery Plan
o Would the Business Continuity Plan be executed in response to this incident
o Would any issues be identified that would lead to updates to the BIA, BCP or DR plans.
Attachment:- Final Project.rar