Citadel Information Group

  • Home
  • About Us
    • About Citadel
    • Who We Are
    • When To Call Citadel
  • Services
    • Overview: Delivering Information Peace of Mind ® to Business and the Nonprofit Community
    • Citadel’s Information Peace of Mind ® Program
    • Assessments and Reviews
    • Information Security Policies and Standards
    • Secure The Human
    • Phishing Defense Training
    • CCPA and Defendable Security Procedures and Practices
    • Privacy: Information Inventory / Data Mapping
    • Security Management of the IT Network / Infrastructure
    • Incident Response / Business Continuity
    • Secure Application Development — Learn By Doing
    • Litigation Support
    • Keynotes
    • Client Success Stories
  • Blog
  • Resources
    • Information Security Library
      • Citadel Guides
      • Awareness Posters
      • For Boards and the C Suite
      • Cybersecurity Law
      • Cybersecurity Surveys
      • HIPAA HITECH
      • Insurance and Risk Management
      • National Cybersecurity
      • Online Bank Security
      • Payment Card Industry Data Security Standard
      • Personal Cybersecurity
      • Securing the IT Network
      • Helpful Links
    • Blogs
      • Cybersecurity Blogs
      • Leadership and Culture Change Blogs
  • Contact
You are here: Home / Overview: Delivering Information Peace of Mind ® to Business and the Nonprofit Community / Incident Response / Business Continuity

Incident Response / Business Continuity

Citadel’s Consolidated Information Security Incident Response and Business Continuity Plan

When you fail to prepare, you’re preparing to fail — John Wooden 

Citadel’s Consolidated Information Security Incident Response and Business Continuity Plan together with its accompanying Excel Workbook Incident-response-management-lists is designed to provide a high-level integrated incident response and business continuity plan for mid-size and smaller size organizations. [1]

The Consolidated Plan

The Consolidated Plan is designed to document high-level procedures to follow in the event of a suspected security incident. It is also designed to document operational workarounds in the event of an information continuity disruption to your business operations.

As an Incident Response Plan, the Consolidated Plan is designed to ensure effective management response to information security incidents by providing practical high-level guidelines for rapidly detecting incidents; analyzing, prioritizing, and handling incidents to minimize loss and destruction; mitigating the weaknesses that were exploited and restoring information services to normal operations.

As an information technology Business Continuity Plan, the Consolidated Plan is designed to ensure an organization’s critical business technology functions will be sustained during and after a significant disruption, either continuing to operate during the disruption or recovering to an operational state within a specified time period.

Consolidated Plan Deliverables

Citadel’s Consolidated Information Security Incident Response and Business Continuity Plan — Deliverables

  1. A perpetual use, non-exclusive license to Citadel’s Consolidated Information Security Incident Response and Business Continuity Plan, branded with your name and logo
  2. Incident-response-management-lists (An Excel workbook to be completed by client)
  3. Security-incident-form (for use in managing a security incident)
  4. Information-technology-business-continuity-form (for use in managing a business disruption)
  5. Two (2) hours of implementation support

Implementing the Consolidated Plan

Citadel provides an Excel workbook Incident-response-management-lists as a place to collect and store information necessary to effectively respond to an information security incident and restore operations in the event of a business disruption.

  1. Names, roles and contact information for the Incident Response Team (IRT), staff, vendors (including vendors needed to respond to an incident), and key clients
  2. Regulatory, contractual and compliance requirements
  3. A Business Impact Analysis covering all critical business functions for use in prioritizing system restoration and identifying resources needed to maintain or resume operations
  4. Specific recovery procedures for high-impact scenarios
  5. An inventory of all hardware needed for business operations, including servers, workstations, laptops, printers, faxes, cell phones, firewalls, routers, switches, wireless access points, etc.
  6. An inventory of all software needed for business operations, including workstation software, server software, on-line software (SaaS), and other cloud services
  7. An inventory of all connectivity required for business operations, including the local area network, Internet, telecommunications and wide area networks (WANs)
  8. An inventory of critical IT documents
  9. Location and configuration of all critical business information, including back-ups and shared folders
  10. Location of passwords and encryption keys
  11. An inventory of vital business records

Implementation Support

Citadel supports our clients implement and manage the Information Security Incident Response and Business Continuity Plan. Our services include

  1. Assistance in completing the Incident-response-management workbook
  2. Coordination with an IT vendor’s incident response plan
  3. Training staff and IT in the plan
  4. Testing the plan
  5. Table-top executive exercises (plan simulations)
  6. Incident / breach response services, including investigations and forensics (through our strategic alliance with Maryman & Associates).

Background Information & Additional Resources

SecureTheVillage: Getting Cyber-Prepared: Incident Response & Business Continuity

 

[1] The two disciplines of incident response and business continuity have many overlapping objectives and activities. While large organizations may typically have separate incident response plans and business continuity plans, this is often the result of both history and organizational structure. For mid-size and smaller organizations, these plans can be combined together into a single document.

Call us for a free confidential consultation:
323-428-0441

Get our newsletter

A weekly report of critical security updates and the latest cybersecurity news delivered to your inbox from Secure The Village.

Sign Up

Overview: Delivering Information Peace of Mind ® to Business and the Nonprofit Community

  • Citadel’s Information Peace of Mind ® Program
  • Assessments and Reviews
  • Information Security Policies and Standards
  • Privacy: Information Inventory / Data Mapping
  • SecureTheHuman
  • Client Success Stories
  • Security Management of the IT Network / Infrastructure
  • Phishing Defense Training
  • Incident Response / Business Continuity
  • CCPA and Defendable Security Procedures and Practices
  • Litigation Support
  • Secure Application Development — Learn By Doing
  • Keynotes

Get in touch

323 428 0441
info@citadel-information.com

Citadel Information Group
Citadel on Linkedin
SecureTheVillage on Linkedin

About Us

Citadel Information Group is a full service integrated information security management / governance firm. We work either consultatively or as part of a client’s senior management team, assisting our clients cost-effectively manage the confidentiality, privacy, integrity and availability of their information. Learn more.

Key Resources

  • The Citadel Way to Information Security Management
  • Creating a Cybersecurity Aware Culture
  • Secure Application Development: The CISO’s Role – a webinar with WhiteHat Security
  • Information Security Library

Copyright © 2018 by Citadel Information Group  All Rights Reserved | Privacy Policy