Incident Response Team Overview Report (Assessment)


Introduction

  • The Incident Response Team (IRT) is a crucial division of an organization. The team is responsible for identifying and handling incidents in a systematic way: investigating them precisely, lessening their impact, and reporting them to the concerned individuals in the organization.
  • Large and well established organizations should take it upon themselves to formally establish Incident Response Teams.
  • Small organizations should have an informal IRT (Kruse and Heiser, 2007).

Roles of IRT

  • The board of directors should be available for all the emergency meetings.
  • The incident commander carries the overall responsibility.
  • The administrator oversees the investigation and notifies the insurance company and other administrators.
  • The security information officer examines the extent of the incident.
  • The information security officer prepares the summary of the incident and actions taken to correct the incident.
  • The information privacy officer checks on the personal information that may have been breached.
  • The network architect analyzes the network traffic.
  • The operating system architect examines all the system logs.
  • An auditor checks the systems to ensure that they comply with the security policies.
  • Human resource personnel provide the list of persons and the emergency contact information for.

Incident Response Processes

  • Prepare the organization and the IRT before an incident occurs.
  • Identify the incident, initiate the investigation, and record the details.
  • The response strategy is formed and the approval is obtained from the management.
  • The facts collected are reviewed.
  • The outcome of the investigation is then reported to the management/decision makers.
  • Security procedures are then put in place to provide a long-term solution.

Response Policies

  • Statement of commitment of the management.
  • Objectives and purpose of the policy.
  • The extent of the policy.
  • Definition of incidents and their effect within the context of the organization.
  • Prioritization of incidents.
  • Reporting and contact forms.

Conclusion

  • Staff should be given continual training in incident response (Lucas and Moeller, 2004).
  • Documents and evidence are the key items that should be protected in the event of an incident (Fadia, 2007).

References

Fadia, A. (2007). Network intrusion alert: an ethical hacking guide to intrusion detection. New York: Thomson Course Technology.

Kruse, W. G. and Heiser, J. G. (2002). Computer forensics: incident response essentials. New York: Addison-Wesley.

Lucas, J. and Moeller, B. (2004). The effective incident response team. New York: Addison-Wesley.

Cite This paper

IvyPanda. (2022, March 23). Incident Response Team Overview. https://ivypanda.com/essays/incident-response-team-overview/
