Please refer to the Course Project Overview, located in the “Introduction and Resources” module of our course. For this project, you can either use an organization with which you are familiar, or a fictitious company that is need of an IRP, a DRP, and a BCP. The company should be a small-to-medium size company – about 200 employees – that is responsible for some sensitive data (employee information, customer information, etc.), with a need to be able to operate throughout a security incident or disaster, and an additional need to be fully operational as soon as possible following an incident (think retail outlets, software development companies, colleges, school districts, etc.) Describe and discuss the key components of a comprehensive Incident Response Plan (IRP) for any attack on an organization’s network and data. The plan starts with a brief descriiption of the company, the identification of possible trigger events and includes immediate actions that should be taken. In order to earn full credit, you should include the following:
•
o A brief overall description of the company
o An description of the components of an Incident Response Plan needed for this company
o A discussion of possible triggers that would indicate that an incident is or has taken place
o Immediate actions that should follow the detection of an incident
