In this chapter, you will learn about
• Security incident response
• Developing security incident response plans and playbooks
• Developing and testing business continuity plans
• Developing and testing disaster recovery plans
The topics in this chapter represent 19 percent of the Certified Information Security Manager (CISM) examination. This chapter discusses CISM job practice 4, “Information Security Incident Management.”
While security incident response, business continuity planning, and disaster recovery planning are often considered separate disciplines, they share a common objective: the best possible continuity of business operations during and after a threat event. There are a wide ...