Impact Analysis Part 3: Prevention and Response Strategies
Prior to or when security measures fail, it is essential to have in place several response strategies. In 1,250-1,500 words:
1. Explain how negotiations with accreditors on compliance should be dealt with. Provide an example.
2. Present appropriate response strategies that can be put into action (i.e., breach notification policies).
3. Present employee training recommendations for creating awareness of the organization’s security measurements.
4. Explain how to obtain feedback on the effectiveness of security policies from stakeholders. Provide an example.
5. Explain how to identify new threats, vulnerabilities, or any countermeasures that may not have been present/available when the initial security measures were first implemented. What mechanisms could be in place to catch any oversights? Explain how this would be reported/communicated. Example, an IT professional explains why a specific device is configured, why if it is compliant it will NOT work, or why if it is NOT compliant it does work.
6. Explain how operational managers, stakeholders, and/or individuals affected will be notified. Provide examples for each.
Identify organization management