Which of the following teams should NOT be included in an organization's contingency plan?
Click on the arrows to vote for the correct answer
A. B. C. D.C.
According to NIST's Special publication 800-34, a capable recovery strategy will require some or all of the following functional groups: Senior management official, management team, damage assessment team, operating system administration team, systems software team, server recovery team, LAN/WAN recovery team, database recovery team, network operations recovery team, telecommunications team, hardware salvage team, alternate site recovery coordination team, original site restoration/salvage coordination team, test team, administrative support team, transportation and relocation team, media relations team, legal affairs team, physical/personal security team, procurements team.
Ideally, these teams would be staffed with the personnel responsible for the same or similar operation under normal conditions.
A tiger team, originally a U.S.
military jargon term, defines a team (of sneakers) whose purpose is to penetrate security, and thus test security measures.
Used today for teams performing ethical hacking.
Source: SWANSON, Marianne, & al., National Institute of Standards and Technology (NIST), NIST Special Publication 800-34, Contingency Planning Guide for Information Technology Systems, December 2001 (page 23).
A contingency plan is a set of procedures and guidelines developed by an organization to ensure that critical operations can continue in the event of a disruption. The goal is to minimize the impact of unexpected events such as natural disasters, cyber-attacks, or other emergencies.
Among the teams that should be included in a contingency plan are the Damage assessment team, Hardware salvage team, and Legal affairs team.
The Damage assessment team is responsible for assessing the extent of the damage caused by the disruption, and developing a plan to recover operations as quickly as possible.
The Hardware salvage team is responsible for salvaging any damaged hardware and restoring it to operational status, or replacing it with new hardware.
The Legal affairs team is responsible for handling any legal issues that may arise as a result of the disruption, such as breach of contract or liability claims.
However, the Tiger team should NOT be included in an organization's contingency plan. A Tiger team is a group of experts who are hired to test an organization's security system by attempting to break in. Their purpose is to identify vulnerabilities and weaknesses in the security system, and to recommend improvements. While the Tiger team is important for improving the overall security of an organization, they are not part of the contingency plan. Their role is to test the system under normal conditions, not during a disruption or emergency.
In summary, the Damage assessment team, Hardware salvage team, and Legal affairs team should be included in an organization's contingency plan, while the Tiger team should not.