Essay about Lab #9

2. Explain the purpose of following health, safety and security procedures in a business environment.

2. Explain the purpose of following health, safety and security procedures in a business environment.

The purpose of an After Action Report and Improvement Plan (AAR/IP) is to analyze the strengths and weaknesses of certain events. These reports help breakdown incidents and to check processes that have either worked as planned or processes that need improvement. The reports can also be stored for future use in order for people to use them as past lessons learned. This AAR will give a summary of events, strengths and weaknesses, recommendations, and finally finished off with an IP that addresses the recommendations.

As lead forensic investigator for XYZ, Inc., my first task in planning to process the potential crime/incident scene at HCC Partners in Life, is how to collect computers involved in the incident scene methodically and thoroughly. First and foremost, I would attempt to ascertain the type of case I am investigating. In this instance, I know that there is a possible breach in the medical records system at HCC. I would need to talk to employees involved in the incident and ask questions. For instance, I would need to know if police (and hopefully not their Information Technology (IT) department) taken custody of any computers,

The officer may also collaborate on solutions with other law enforcement officers or emergency personal. The fourth step is assessing results, process and impact evaluation and conduct a new problem

Although this systematic approach has improved first responder’s ability to communicate effectively it is important to continuously evaluate not only the incident itself, but also the agency’s preparation and

“Checking all incident reports (highered.mheducation.com)”; Checking these reports are key, because one problem in law enforcement is false reports. This check can aid to review the value of the review to see if it matches the scene and it can also piece information about the scene. 5. “Reviewing crime laboratory reports (highered.mheducation.com)” ; This is pertinent due to test results of the evidence the team has sent to the lab.

Having been briefed on the nature of the incident, the forensic investigator will conduct interviews of the database (DB), Email, and network administrators to determine what she knows about the chain of events leading up to the receipt and subsequent

The organization implements an incident handling capability for security incidents that includes preparation, detection and analysis, containment,

The organization has defined procedure for the identification, collection, acquisition, preservation of information that will be utilized as evidence. Evidence identifies unauthorized changes and helps reconstruct the activities involved in an incident. Forensic analysis can be used to determine and subsequently understand the extent to which a system or network has been compromised or otherwise affected. Due to the specialization of forensic analysis some organizations may choose to outsource these activities in order to transfer the responsibility.

Assessment, Evaluation and Improvement – had to adopt a systematic approach to evaluating their successes and failures. They conducted real time evaluations to assess and influence emergency response. These exercises provided vital information about the effectiveness of their response and allowed them to make crucial adjustments to their process.

Readiness is important to alleviate the danger of an assault or episode before issues emerge inside of the association. This incorporates guaranteeing the association 's system security, frameworks, and applications. The Incident Response Team ought to have every one of the instruments and assets important to perform their employment obligations when episodes happen. Contact data including accessible if the need arises and heightening ought to be dispersed to the group and administration. Best security practices ought to be actualized and continually refined in the territories of danger appraisals, system edge security, malware aversion, and representative security mindfulness.

In this report I will be talking about different security policies and guideline and how they are needed in an organisation. The first one I will be talking about will be the disaster recovery policy, what this policy is basically about is that the organization will have so kind of plan or strategy put in place for things like natural disasters for example floods, fire, earthquake and things like theft and major human error that can cause major data loss, which and ultimately impact the organization security and the functions the organization provides. What this disaster recovery policy might have in it is if a natural disaster or a virus enters the organization one police can be to basically move all the data to an off-site location

Q2: Do you believe that our company places a priority on security in the organization?

Q2: Do you believe that our company places a priority on security in the organization?