Pub. 8 2019 Issue 5

September/October 2019 31 l e a d i n g a d v o c a t e f o r t h e b a n k i n g i n d u s t r y i n k a n s a s not care about the significance of your vendor relationships or the controls you’ve put in place to mitigate the risk of malware infections. Incident Response Incident response serves as a point of contact or commonality between business continuity and disaster recovery. While business continuity and disaster recovery planning encompass the relatively broad scopes of general operational continuity and major catastrophic events respectively, incident response planning instead addresses particular, discrete, time-based incidents that may occur in the course of any disruption of an organization’s operations. It is the development of tactical, systematic response and recovery procedures for specific events such as man-in-the-middle or denial-of-service attacks on your network, unauthorized access to sensitive assets or information, power outages, or any other particular event that has affected your organization. An incident response plan may be a subset of either your business continuity plan or your disaster recovery plan, depending on the scope and nature of the event that has occurred. For example, if the event is merely a half-day power outage, your incident response may fall within the context of business continuity – just keeping operations running in the face of the event. Alternatively, if the event is a major disaster such as a tornado or other widespread infrastructure breakdown, you may have to execute multiple incident response plans in the course of a more broadly-scoped disaster recovery effort. Business continuity, disaster recovery, and incident response planning each play an important role in an organization’s preparedness program. Though there are certainly similarities between the three, it’s important to be aware of the differences that make each strategy unique and needed. The absence of any of these three considerations renders an organization’s continuity planning incomplete and increases the risk of delayed, incomplete, or ineffective responses to operational interruptions, large-scale disasters, and other disruptive events. It’s important that those responsible for developing their financial institution’s information security program recognize the roles each of these strategies play, and ensure they are integrating each into their organization’s continuity planning program. Joseph Ellis has worked as an IT and information security auditor at CoNetrix, and is now the manager of the company’s Boost Consulting division. Boost consultants can help your organization develop and maintain an information security program, strengthen your organization’s security posture, and maintain compliance with regulatory requirements. Who Should Attend Internal auditors, compliance officers, senior management and any officer in the bank responsible for deposit operations, corporate governance or electronic funds. EDUCATIONAL RESOURCES 785-232-3444 www.ksbankers.com INTERNAL AUDIT December 4 Hutchinson - Atrium Hotel December 5 Topeka - Hilton Garden