Incident response and management
Incident Response Team
IT University utilizes a central incident response team at their main campus. This incident response team is a single IR team that handles incidents throughout the organization. Due to the size of the IT University’s satellite campus, it is our recommendation that IT University utilize the existing incident response team structure to function as a threat assessment center for the IT University’s satellite campus.
The incident response team relies on the expertise, judgment, and abilities of the departments within the organization to effectively respond to an event. (Whitman & Mattford, 2010, p. 105). As part of future incident planning efforts, it is recommended that IT University management identifies additional incident handling personnel within the organization whose cooperation can be solicited in the event of an incident occurrence at the IT University’s satellite campus. Contact information for incident management teams, executive management, and key vendors should be kept up to date within the incident response policy and associated IR plans. Templates for the documentation of this information have been provided in Appendix E: Incident Management Contact Lists.
Incident response functional teams
A successful recovery from a disaster can only occur with total coordination of all incident management and recovery activities. In a crisis, each functional team has specific roles that contribute to the success of the recovery. Section 2 of the IR policy should outline these functional teams and define their responsibilities. UCG recommends the following functional teams be established to respond to incidents for the IT University’s satellite campus.
Incident Management Team
The Incident Management Team (IMT) assesses the physical and operational status of the IT University’s satellite campus immediately following an incident. After which the determination for personnel evacuation is determined. Directly following this is the situational reviews with security and building management conducted on an as needed bases. Reviews of the situation with local public sector agencies such as the police, fire, and / or EMT conducted on an as needed bases to provide input for the process for declaring a crisis or emergency as needed to organize and deploy the Emergency Operations Center (EOC) to manage all planning and operational aspects of the incident. The IMT also makes an effort to reduce and control the impact of the incident to the IT University satellite campus.
Damage assessment team
The Damage Assessment Team (DAT) assesses the physical condition of the IT University’s Satellite Campus immediately following an incident. Then evaluates the damage and / or destruction to physical and technologic assets to determine if an evacuation is mandatory and determines what recovery actions are required. Directly following this is the situational reviews with security and building...