Review of SP 800-34 document: The special publication “SP 800-34, Contingency Planning Guide for Information Technology Systems , June 2002” includes the directions that are essential for expressing a plan for the different types of disasters, events and different circumstances which are needed in the business continuity. The NIST method that has been used in the special publication SP 800-34 describes a procedure which contains seven steps are as follows: Development of the statements regarding the business continuity planning policies The formal organizational policy must provide direction and power to the development of an efficient Business Continuity Plan (BCP). Review of the BIA: The help of the Business Improvement Area (BIA) is needed for the identification and prioritization of the important IT systems and different components. Prevention controls have to be identified: Numerous approaches that are carried out for the reduction of the penalties of the system concern will eventually raise the availability of the system and will also result in reducing the life cycle cost...

Management Of Information Security

6th Edition

ISBN: 9781337405713

Author: WHITMAN, Michael.

Publisher: Cengage Learning,

See similar textbooks

Concept explainers

Types of Security Policy

An information security policy is a formal, high-level statement or plan that embraces an organization's general beliefs, objectives, goals, and acceptable procedures for information security. It defines a set of rules, procedures, and policies designed …

Expert Solution & Answer

Chapter 10, Problem 2E

Explanation of Solution

Review of SP 800-34 document:

The special publication “SP 800-34, Contingency Planning Guide for Information Technology Systems, June 2002” includes the directions that are essential for expressing a plan for the different types of disasters, events and different circumstances which are needed in the business continuity.

The NIST method that has been used in the special publication SP 800-34 describes a procedure which contains seven steps are as follows:

Development of the statements regarding the business continuity planning policies

The formal organizational policy must provide direction and power to the development of an efficient Business Continuity Plan (BCP).

Review of the BIA:

The help of the Business Improvement Area (BIA) is needed for the identification and prioritization of the important IT systems and different components.

Prevention controls have to be identified:

Numerous approaches that are carried out for the reduction of the penalties of the system concern will eventually raise the availability of the system and will also result in reducing the life cycle cost...

Expert Solution & Answer

Want to see the full answer?

Check out a sample textbook solution

See solution

Chapter 10, Problem 1E

Chapter 10, Problem 3E

Students have asked these similar questions

Now have a look at how the standard ISO 27002 deals with security requirements in information systems development. This is mostly covered in 14.1, but other parts of section 14 touch on these issues along with other chapters within the standard. Now provide a brief commentary on the adequacy of this material, and also outline whether this material in the standard might alter the key tasks that you would undertake in order to produce the specification of the information security requirements.

create an organizational chart detailing all of the federal agencies involved in computer forensics. begin with the department of homeland security at the top, and then provide the name of each agency and include its computer forensics unit name where appropriate.

Is the role of the project sponsor consistent across the SDLC?

Knowledge Booster

Learn more about

Need a deep-dive on the concept behind this application? Look no further. Learn more about this topic, computer-science and related others by exploring similar questions and additional content below.

Similar questions

Question 9 The post-implementation audit is seldom done, which is unfortunate because it has excellent value for all stakeholders. Some of the reasons for skipping the audit include the following: ..

Recommended textbooks for you

Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
MIS
Computer Science
ISBN:9781337681919
Author:BIDGOLI
Publisher:Cengage
Enhanced Discovering Computers 2017 (Shelly Cashm...
Computer Science
ISBN:9781305657458
Author:Misty E. Vermaat, Susan L. Sebok, Steven M. Freund, Mark Frydenberg, Jennifer T. Campbell
Publisher:Cengage Learning