Interruptions to business functions can result in a loss of productivity and significant costs. Careful planning can often help avoid security incidents. However, even with planning, such incidents cannot always be prevented. Therefore, as a security professional, you also need to plan for recovering from disaster security incident.
To prepare for this Discussion, consider the importance of change management in providing business continuity. Consider how communications and planning can help avoid security incidents, such as outages that affect the availability of IT services or that may expose sensitive data. Also consider the importance of developing a plan for recovering from a disaster, to return business functionality as quickly as possible.
For this Discussion, in 400–500 words, address the following:
Provide an example of a major security incident that can happen when change management processes are not followed. Briefly explain why information assurance should be an important consideration in disaster recovery planning and policies. For the example you have chosen, recommend two policies to prevent this security incident from reoccurring. Justify your recommendations. If the incident reoccurs, recommend two disaster recovery policies that would help with recovery. Justify your recommendations.