Cyber Incident Response Plan
The Cyber Incident Response Plan is designed to respond to disruptive cyber events, including network-based attacks, worms, computer viruses, and Trojan horses. For example, self-propagating malicious code such as worms has the potential to disrupt networks. Loss of network connectivity alone may constitute a disaster for many organizations.
Occupant Emergency Plan (OEP)
The Occupant Emergency Plan (OEP) provides the “response procedures for occupants of a facility in the event of a situation posing a potential threat to the health and safety of personnel, the environment, or property. Such events would include a fire, hurricane, criminal attack, or a medical emergency” [12]. This plan is facilities focused, as opposed to business or IT focused.
The OEP is focused on safety and evacuation, and should describe specific safety drills, including evacuation drills (also known as fire drills). Specific safety roles should be described, including safety warden and meeting point leader, as described in Chapter 4, Domain 3: Security Architecture and Engineering.
Crisis Management Plan (CMP)
The Crisis Management Plan (CMP) is designed to provide effective coordination among the managers of the organization in the event of an emergency or disruptive event. The CMP details the actions management must take to ensure that life and safety of personnel and property are immediately protected in case of a disaster.
Crisis Communications Plan
A critical component of the Crisis Management Plan is the Crisis Communications Plan (sometimes simply called the communications plan): a plan for communicating to staff and the public in the event of a disruptive event. Instructions for notifying the affected members of the organization are an integral part of any BCP/DRP.
It is often said that bad news travels fast. Also, in the event of a post-disaster information vacuum, bad information will often fill the void. Public relations professionals understand this risk, and know to consistently give the organization’s “official story,” even when there is little to say. All communication with the public should be channeled via senior management or the public relations team.