Post Incident Management - PowerPoint by hcj


									Post Incident Management
Plan Development
The Process
Develop and Implement Preventive Measures

 An organisation can take several measures
  to prevent or minimise the effects of
 Many of these measures are inexpensive
  and easy to implement.
 Prevention is better than cure
    i.e. it is generally more expensive to fix something than to
    avoid breaking it.
   The following list includes some preventive
Preventive Measures
   Create and frequently update network and wiring
   Monitor the information systems and the server
    rooms environment
   Control the temperature in the server room
   Ensure that maintenance and server contracts will
    be honoured quickly in the event of a disaster
   Maintain a library of hardware and software
    manuals and keep them secure
   Secure all cabinets and servers in the server room
    (fix them to the walls and floor)
Preventive Measures
   Place fire extinguishers in the server room and
    ensure staff know how to use them
   Protect the information systems by connecting
    them to electrical surge protectors
   Ensure all staff are trained in appropriate
    shutdown procedures
   Install fire detectors and a fire suppression system
    in the server room
   Consider a back up generator for essential
Preventive Measures
 The use of fire retardant walls, floors,
  ceilings and doors should be considered for
  the server room
 Regular back ups of the server system.
  Ideally store these back ups off site.
 Maintain a store of essential supplies to
  keep the systems running
 Produce a call out list of qualified individuals
  and post it in the server room in case of
Preventive Measures
   Select and train appropriate employees to
    perform the following roles:
     Safety Officer
      Responsible for risk assessments of the building
      and facilities
     First Aid Officer
      Responsible for minor injuries and accidents in
      the work place. Liaise with emergency services
      in the event of a medical emergency or disaster
   Depending on the size of your organisation
    and facilities will dictate how many
    employees you will wish to train
Preventive Measures
 Install a security system which requires
  some form of identification and/or swipe
  card to be used by employees
 All visitors must report to a reception are
  and be signed in and out. Preferably
  escorted around your building by an
 Consider 24 hour security, either on site or
  reactive to any alarms.
Preventive Measures
 The installation of cameras are appropriate
  if someone is watching them 24/7,
  otherwise any crime or disaster will be
  taped but may not be avoided.
 Insurance companies may require a high
  level of security in order for your
  organisation to qualify for coverage.
 No plan is of any use to an organisation if
  regular drills and exercises are not
Recovery Strategies
   Typical recovery strategies for IT systems
     Hot Site – a ‘hot site’ is a fully configured
      system that consists of all your hardware and
      software which is ready to take over when your
      main frame fails.
     Warm Site – a ‘warm site’ is similar to the hot
      site but without the hardware. All off your
      software is available but will need to be loaded
      onto incoming hardware systems. This will take
      some time and will be a slow turn over.
Recovery Strategies
 Cold Site – a ‘cold site’ is merely a suitably
  identified room that can be used, in the
  event of a disaster, to reinstall new
  hardware and software in order to get your
  system back to normal. This is expensive
  and time consuming.
 Alternate systems and networks – this
  refers to systems and networks not used as
  the main frame but can be adapted for such
  use if required.
Recovery Strategies
   Reciprocal Agreements – this is an agreement
    between different companies. In the event of a
    disaster they can use each others systems. This
    requires compatible hardware and software.
       Advantages are low or no cost implications
       Disadvantages are the compatibility of hard and
   Two Data center – where a company is large
    enough to have several main frame systems in
    different facilities, even countries. They can
    transfer the running of their data whilst recovery
    takes place.
Recovery Strategies
 Vendor Contract – the vendor is contracted
  to supply equipment and/or services in the
  event of a disaster. The vendor may have
  many companies to cater for in the event of
  such a disaster, you may not be their first
  priority and supplies may run out.
 Any combination of the previous options.
Recovery Strategies
 Chain of Command and management must
  also be considered. In the unlikely event
  that senior managers are indisposed who
  will take over the decision making role?
 Do they have access to any swipe cards,
  keys, pass codes and sensitive information?
Contact List
 During an emergency situation, there is no
  time to figure out who are the right people
  to call.
 Produce and display a list of emergency
  personnel that should be contacted.
 On the list should be essential personnel
  and a brief description of their roles.
 This list should be frequently updated and
  copies held by all relevant departments and
Contact List – example layout
 Each team leader and essential person
  should be responsible for maintaining this
  contact list so that it is up to date
 Appropriate training should be identified for
  each role and individuals kept up to date
  with current thinking
 Senior management to authorise the regular
  use of drills and exercises to highlight
  individuals roles and responsibilities as well
  as test the Plan
Produce a List of Essential Items
 Keep a list of essential inventory items and
  their locations if already available.
 Within the list include vendors and or
  companies who will provide the equipment /
Consider the following
   Communication Equipment
   Documentation
   Computer Hardware
   Computer Software
   Equipment
   Off-site storage location
   Software and data back up
   Temporary location details
Essential Items
Each team leader should have access to the following:
   Cell Phone                 Whiteboards
   Computer (with             Flashlights
    internet connection)       First Aid Kit
   Fax                        Whistle
   Printer                    Water
   TV                         Utility Knife
   AM/FM radio                Glow Sticks
    (wind up if possible)      Two-way radio
   Paper and Pencil
Sample Emergency List
   Click button to go to sample emergency plan provided by

To top