Introduction
Notably, mitigating risks are among the topics that I would say that are quite interesting to learn, specifically for me. For the past few weeks of studying, I have learned the different ways of mitigating risks and their effects on different organizations. Understandably, risks naturally take advantage of the company’s weakness that results from the dangers that a business may be exposed to. Therefore, the paper seeks to address how to mitigate different risks such as the Computer Incidents using Computer Incidents Plan and the disaster using the Disaster Recovery Plan since they all work differently.
Human Activities
More imperatively, natural calamities such as earthquakes and floods cannot be averted. Therefore, these disasters will always cause damages when they happen. According to Gibson, disasters affect human activities; therefore, business organizations should develop plans to restore the essential business system after the occurrence, which defines the Disaster Recovery Plan (DRP) (Gibson, 2014). Equally important, the objective should mainly be rebuilding the system, especially after software and hardware failure. More significantly, disaster recovery planning should consider issues, including critical business functions, recovery time objective, business impact analysis, and business continuity (Soni, 2020). DRP usually helps save critical data and lives from recovering after a disaster.
Naturally, the objective of a DRP is to restore the lost data or damaged system (Gibson, 2014). Therefore, the critical element should be incorporated because they are necessary to increase the chances of success through the Disaster Recovery Plan (DRP). Besides, we should also be considering the following factors. The process cost, support from leaders, evaluation process, and last but not least, the DRP developers’ knowledge. Fundamentally, helping an organization restore the critical operational aspects, DRP could incorporate anything beneficial (Gibson, 2014). Moreover, DRP should highlight the scope for recovery, the purpose of communication, and the emergency declaration. Equally important, there should be emergency response and recovery procedures (Soni, 2020).
Disaster Recovery Planning
Understandably, Disaster Recovery Planning should help in preparation for mitigating both long term and short term effects. In contrast, an organization with DRP can handle a disaster than one without a plan. According to Soni (2020), DRP helps reduce outrage after a tragedy. Understandably, implementing DRP involves; making sure that you regularly review and update the DRP. You should test the DRP so that it is implemented as it should. Similarly, BIA should be completed, and also, you should begin with the primary objective and focus. As a result, this will help address every essential concern, for example, the cost or the magnitude of the disaster.
More importantly, a computer incident is an abuse of security policy that involves activities affecting the system (Gibson, 2014). More precisely, they can cause losses of business integrity, confidentiality, and accessibility. According to my research, the Computer Incident Response Team is a group of experts trained to reduce an organization’s damages. Therefore, the objective of CIRT is to ensure there is appropriate control of multiple computer components. More appropriately check on inappropriate usage within the system. Additionally, the help detects malicious codes and Denial of Service (DoS) attacks (Gibson, 2014).
Fundamentally, the CIRT should be able to outline the policy information. Equally significant, communication means and membership information (Gibson, 2014). Additionally, there should be an exact incident response procedure. However, the actors are not always limited, as long as they are essential. Similarly, CIRT helps a business get ready to respond faster to incidents (Gibson, 2014). However, the risk should be identified first. Also, the organization should identify the CIRT members who are well equipped with the skills and the knowledge needed. Conclusively, it enables every individual to know what role and task to play during emergencies.
Conclusion
In conclusion, the organization should train the CIRT members to respond and handle the situation. Then, impose rules guiding CIRT member’s operations and include a developed checklist. Equally important, the business should subscribe to security notifications to be alert when malicious codes pop up. More importantly, ensure regular review and update the DRP. You should test the DRP so that it is implemented as it should.
References
Gibson, D. (2014). Managing risk in information systems. Jones and Bartlett Learning. 2nd Edition.
https://www.oreilly.com/library/view/managing-risk-in/9781284055955/
Soni, V. D. (2020). Disaster recovery planning: Untapped Success Factor in an Organization.
https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3628630.
Cite this page
Mitigating Risks - Essay Sample. (2024, Jan 11). Retrieved from https://speedypaper.net/essays/mitigating-risks-essay-sample
Request Removal
If you are the original author of this essay and no longer wish to have it published on the SpeedyPaper website, please click below to request its removal:
- Essay Example: Pharmacy School Personal Statement
- Critical Thinking: Responsibility for Accident Case Study. Management Essay Sample.
- Personal and Professional Goals - Application Essay Example
- Grant Writing Sources - Essay Sample
- What Are the Benefits of a WHS Management Information System? Essay Example
- Essay Example - Education Foundation
- Free Report - Summary of "Assessment of Cognitive and Language Abilities through Play," by Carol E. Westby
Popular categories
