Principles of Information Security (MindTap Course List)
6th Edition
ISBN: 9781337102063
Author: Michael E. Whitman, Herbert J. Mattord
Publisher: Cengage Learning
expand_more
expand_more
format_list_bulleted
Expert Solution & Answer
Chapter 4, Problem 11RQ
Explanation of Solution
Contingency plan:
- A contingency plan is a plan of action used to help the organization efficiently for the significant future situation or event that may or may not occur.
- It is a component of risk management, disaster recovery and business continuity.
- It is also planned for recovering from actions that threaten the information resources in the organization and security of information and to give the successive restoration to regular modes of business operations.
Difference between contingency plan and routine management planning:
| Contingency plan | Routine management planning |
| Contingency plan includes a set of techniques planned to find and minimize risks, mostly by arranging for the unexpected. | Routine management planning is prepared to keep the business by recognizing the risk. |
| These models apply to IT, business, personal and other situations... |
Expert Solution & Answer
Trending nowThis is a popular solution!
Students have asked these similar questions
How is contingency planning implemented?
What is contingency planning, and how does it work?
In which contingency plan testing strategy do individuals participate in a role-playing exercise in which the CP team is presented with a scenario of an actual incident or disaster and expected to react as if it had occurred?
Structured walk-through
Desk check
Parallel testing
Simulation
Chapter 4 Solutions
Principles of Information Security (MindTap Course List)
Ch. 4 - Prob. 1RQCh. 4 - Prob. 2RQCh. 4 - Prob. 3RQCh. 4 - Prob. 4RQCh. 4 - Prob. 5RQCh. 4 - Prob. 6RQCh. 4 - Prob. 7RQCh. 4 - Prob. 8RQCh. 4 - Prob. 9RQCh. 4 - Prob. 10RQ
Ch. 4 - Prob. 11RQCh. 4 - Prob. 12RQCh. 4 - Prob. 13RQCh. 4 - Prob. 14RQCh. 4 - Prob. 15RQCh. 4 - Prob. 16RQCh. 4 - Prob. 17RQCh. 4 - Prob. 18RQCh. 4 - Prob. 19RQCh. 4 - Prob. 20RQCh. 4 - Prob. 2ECh. 4 - Prob. 3ECh. 4 - Prob. 4ECh. 4 - Prob. 5ECh. 4 - Prob. 1CEDQCh. 4 - Prob. 2CEDQCh. 4 - Prob. 3CEDQ
Knowledge Booster
Similar questions
- How exactly does one go about transforming an organization's information security plan into a workable project strategy?arrow_forwardWhat kinds of jobs fall within the purview of covert flow control and need the employment of the SEH?arrow_forwardIs there an optimal amount of preventive maintenance? What caution should be exercised before calculating this optimal amount?arrow_forward
- True or falsearrow_forwardA. Why should continuity plans be tested and rehearsed? B. Identify and briefly discuss three UK laws relevant to the practice of information security. C. Discuss the financial considerations required to implement an information security project. D. What are the main benefits for an organisation that assure from undertaking information security project management?arrow_forwardIt is recommended to propose a security awareness campaign. Finished works of art should not be missing any important parts. All of the input should be reflected in the final product. Proposal contents will comprise an executive summary, communication plan, proposal introduction, rules and processes, suggested solutions to security flaws, and plans to continuously monitor the organization for hostile behaviour.arrow_forward
- Planning is the last step in the SDLC. Is it truthful or untrue to say this?arrow_forwardThe Engineering Solutions Company Limited (ESCL) has tendered for, and won a contract to design and build a computerized flood- warning system in Trinidad and Tobago. Consider the activities, durations, and predecessor relationships to roll out this project, in the following network, shown in Table 7 below. Draw the network and answer the questions that follow. ESCL Computerized Flood-Warning System Project Immediate Activity Description Predecessor(s) Time Optimistic Most Likely Pessimistic (Weeks) (Weeks) (Weeks) A 4 1 4 7 --- C A. 2 2 2 D В 1 7 10 D 4 F E 1 2 3 G C 17 H D, G 3 7 11 I D 8 10 J F, H 4 5 K I 1 1 1 a) Using a network, what is the earliest expected time of completion of the whole project? c) Using the information from Table 7, what is the probability that the project can be completed in 28 days? d) Using the information from Table 7, if the project manager wants at least a 98% probability that the project will be completed on or before the due date, what is the shortest…arrow_forwardA. What conditions must be met to ensure that risk acceptance has been used properly? B. Discuss the concept of an organisation’s competitive advantage against competitors and how it has evolved over the years with the ongoing development of the IT industry. C. Explain why networking components need more examination from an information security perspective than from a systems development perspective. Why must this practice be periodically reviewed? D. With the aid of a diagram, discuss the contingency planning hierarchy. E. What is the DMZ? Discuss whether this is a good name for the function that this type of subnet performs.arrow_forward
- It is recommended to submit a proposal for a security education program. Artifacts that have been finished and polished are supposed to have every part they need. The input that was used to create it should be reflected in the final product. The proposal will include an executive summary, a communication plan, an introduction, rules and processes, suggested solutions to security flaws, and plans to continuously monitor the organization for hostile behaviour.arrow_forwardIt is recommended to submit a proposal for a security education program. Artifacts that have been finished and polished are assumed to include all their vital parts. The input that was used to create it should be reflected in the final product. The proposal will comprise an executive summary, communication plan, proposal introduction, rules and processes, suggested solutions to security flaws, and methods to continuously monitor the organization for hostile behaviour.arrow_forwardJohn just finished his inspection coordinator course. After obtaining his first appointment, he plans to add his personal secretary to the inspection team for the purpose of serving as a session scribe and producing the required reports. He assumes that her participation will free him of the coordination tasks and enable him to conduct the session successfully. Is it advisable to employ a secretary (a non-information technology professional) as a scribe in an inspection session? List the pros and cons of adding such a nonprofessional to the inspection session.arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,
Principles of Information Systems (MindTap Course...Computer ScienceISBN:9781305971776Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning