Unit 3 | HTCS 601 Notes | Security Assessment and Risk Analysis Notes | Aktu Notes





    Security Planning: Directives and Procedures for Policy Mechanism

    What it means: Security planning is about creating a proper structure or plan to protect an organization’s data, systems, and networks from cyber threats or misuse.

    Key points:

    - Directives: These are high-level rules or instructions from top management that say how security should be managed.

    Example: “All employees must use strong passwords.”

    - Procedures: These are step-by-step methods on how to apply the directives.

    Example: A written procedure that shows how to change your password every 90 days.

    - Policy Mechanism: These are tools or techniques used to enforce the rules and ensure the system behaves as per the policy.

    Example: Password expiration tools, firewalls, access control systems.

    Purpose:
    Security planning helps an organization:
    • Prevent unauthorized access.

    • Ensure that only authorized users can perform specific actions.

    • Protect sensitive data from being stolen or changed.

    Contingency Planning / Disaster Recovery

    What it means: Contingency planning is preparing for unexpected events (like system failures, cyberattacks, natural disasters) so that the organization can recover and continue working with minimum disruption.

    Agency Response Procedures and Continuity of Operations


    - Agency Response Procedures: Steps to follow immediately after an incident.

    Example: Shutting down systems if there’s a cyberattack.

    - Continuity of Operations: Planning how to keep the important parts of the business running, even during or after a disaster.

    Example: Shifting work to a backup location if the main office is damaged.

    Contingency Plan Components

    A complete contingency plan includes:

    1. Emergency response – What to do immediately after the incident.

    2. Backup systems – Data and system backups ready for use.

    3. Communication plan – Who to inform and how to coordinate with teams.

    4. Recovery process – Steps to bring systems back online safely.

    5. Testing & training – Regular drills and training for employees.

    Determination of Backup Requirements

    - Decide:
    • What data needs to be backed up (critical data, databases, user files).

    • How often it should be backed up (daily, weekly).

    • Where to store the backup (offsite, cloud).

    Why it matters:
    If backup requirements are not clear, you might lose important data during a crash or cyberattack.

    Development of Plans for Recovery Actions After a Disruptive Event

    - After the issue is handled, a recovery plan is needed to:

    • Repair systems.

    • Restore data from backups.

    • Test if everything is working correctly.

    • Resume normal operations.

    Goal: To get everything back to normal as quickly and safely as possible.
