Hello and welcome to I t. Security Policy Training from Cyber Harry. This is part of module to contingency plan policy
and its story myself. Troy Lemaire
Learning objective for this training
will be to learn the emergency mode operation and the requirements of this policy.
But this policy is a template that we have from health i t dot gov
on the continues he's planned policy
purposes policy establishing implement policies, procedures for responding to an emergency or other currents
scope of the policies directed to the I T management staff whose economy and ensure the plan is developed, tested and kept up to date
So far. Emergency mode operations here The officer Shall we response for Del Valle Ping and regularly updating emergency mode Operation plan for the purpose of
didn't know operations during such time frame that information systems are unavailable
and the plan should have a sufficient level of detail. An explanation that person unfamiliar with systems can implement the plan occasion of an emergency or disaster.
So in the first paragraph, security officer can be replaced with I t manager or whoever would be the person that is really responsible for keeping this operation plan up to date,
and then in the second part you can list out
certain details that you would want, such as if you have certain systems, other keys to the kingdom that basically or the most important systems within your organization. You can list those here if you want to have them specifically spelled out
Looking at the requirements. The emergency mode operation plan shall include the following, and this is something that you can change out as you need to to make sure that it's covering the things that you would want to cover in your organization. But
current copies of the information system inventory and network configuration developed and updated
copy of the written backup procedures
Identification of an emergency response team members of such team shall responsible for the following
that is determined the impact of a disaster or system unavailability.
Identifying and implementing appropriate workarounds during such time, information systems are unavailable
and taking such up necessary to restore operations
disaster recovery plan versus a contingency plan does. That's recovery is what you would do after the fact to restore your data, whereas a contingency plan is what you would do
while your systems are unavailable to make them become available
in the need of that emergency. So one is planning how you would restore things, and one is planning how you would actually keep things going so they are quite different and they have each individual purpose and shouldn't be confused to be the same thing for one time. Events
begin is always policy compliance. Info. SEC team will verify compliance through various methods.
Exceptions need to be approved in advance and not compliance. Is an employee found to have violated policy may be subject to disciplinary action up to and including termination of employment.
So in summary in today's lecture, we talked about the contingency plan policy, emergency mode operation
and the requirements.
Recap question Emergency mode Operation plan should include the following
that would be an emergency response team.
Also, the emergency mode operation plan shall include the following,
taking such steps necessary to blank operations
that would be restored operations
the next lecture We're gonna look at general policies again data backup policy.
If you have any questions, any clarifications, I bury message.
My username is that trial Mayor, Thank you for attending this side. Very training