Case Incident Response Protocols And Methods For Maintaining Information Assurance
The purpose of this statement of policy is to establish incident response protocols, disaster response protocols and methods for maintaining information assurance. This will outline procedures that are in accordance with legal and organizational regulation requirements and policies that will address any issues regarding information stored within the organization.
Incident Response Protocols
Unauthorized Facility Access:
If there is an unauthorized attempt to access the facility where the data files are kept the MPs will be notified immediately.
All personnel will report to one central location for accountability of staff and access cards and keys.
All computers and files will be checked for any missing or copied data.
Any act of removing data without consent will be deemed as theft.
All thefts of data will be reported to the MPs, the inspector general and military information assurance officers
Any data found improperly stored will be identified and reported to the company IT officer.
Justification of Incident Response Protocols
The MPs being alerted to an unauthorized facility access incident will allow for detainment of the trespasser and questioning. The questioning will allow us to determine were the failure is in our security. We can use the information obtained and restructure security so that an unauthorized attempt will not happen again.
We will check computers and files in effort to determine how a person…